MAX* + 1 -> MAX*
This commit is contained in:
Todd C. Miller
2
check.c
2
check.c
@@ -124,7 +124,7 @@ int user_is_exempt __P((void));
|
||||
* Globals
|
||||
*/
|
||||
static int timedir_is_good;
|
||||
static char timestampfile[MAXPATHLEN + 1];
|
||||
static char timestampfile[MAXPATHLEN];
|
||||
#ifdef HAVE_SECURID
|
||||
union config_record configure;
|
||||
#endif /* HAVE_SECURID */
|
||||
|
||||
@@ -94,7 +94,7 @@ extern char *strdup __P((const char *));
|
||||
char * find_path(file)
|
||||
char *file; /* file to find */
|
||||
{
|
||||
static char command[MAXPATHLEN + 1]; /* qualified filename */
|
||||
static char command[MAXPATHLEN]; /* qualified filename */
|
||||
register char *n; /* for traversing path */
|
||||
char *path = NULL; /* contents of PATH env var */
|
||||
char *origpath; /* so we can free path later */
|
||||
@@ -105,7 +105,7 @@ char * find_path(file)
|
||||
|
||||
command[0] = '\0';
|
||||
|
||||
if (strlen(file) > MAXPATHLEN) {
|
||||
if (strlen(file) >= MAXPATHLEN) {
|
||||
errno = ENAMETOOLONG;
|
||||
(void) fprintf(stderr, "%s: path too long: %s\n", Argv[0], file);
|
||||
exit(1);
|
||||
|
||||
12
parse.c
12
parse.c
@@ -211,13 +211,15 @@ int command_matches(cmnd, user_args, path, sudoers_args)
|
||||
struct stat pst;
|
||||
DIR *dirp;
|
||||
struct dirent *dent;
|
||||
char buf[MAXPATHLEN+1];
|
||||
char buf[MAXPATHLEN];
|
||||
static char *c;
|
||||
|
||||
/* don't bother with pseudo commands like "validate" */
|
||||
if (strchr(cmnd, '/') == NULL)
|
||||
return(FALSE);
|
||||
|
||||
plen = strlen(path);
|
||||
|
||||
/* only need to stat cmnd once since it never changes */
|
||||
if (cmnd_st.st_dev == 0) {
|
||||
if (stat(cmnd, &cmnd_st) < 0)
|
||||
@@ -249,7 +251,6 @@ int command_matches(cmnd, user_args, path, sudoers_args)
|
||||
else
|
||||
return(FALSE);
|
||||
} else {
|
||||
plen = strlen(path);
|
||||
if (path[plen - 1] != '/') {
|
||||
#ifdef FAST_MATCH
|
||||
char *p;
|
||||
@@ -291,6 +292,9 @@ int command_matches(cmnd, user_args, path, sudoers_args)
|
||||
return(FALSE);
|
||||
|
||||
while ((dent = readdir(dirp)) != NULL) {
|
||||
/* ignore paths > MAXPATHLEN (XXX - log) */
|
||||
if (plen + strlen(dent->d_name) >= sizeof(buf))
|
||||
continue;
|
||||
strcpy(buf, path);
|
||||
strcat(buf, dent->d_name);
|
||||
#ifdef FAST_MATCH
|
||||
@@ -404,13 +408,13 @@ int netgr_matches(netgr, host, user)
|
||||
#ifdef HAVE_GETDOMAINNAME
|
||||
/* get the domain name (if any) */
|
||||
if (domain == (char *) -1) {
|
||||
if ((domain = (char *) malloc(MAXHOSTNAMELEN + 1)) == NULL) {
|
||||
if ((domain = (char *) malloc(MAXHOSTNAMELEN)) == NULL) {
|
||||
perror("malloc");
|
||||
(void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
if (getdomainname(domain, MAXHOSTNAMELEN + 1) != 0 || *domain == '\0') {
|
||||
if (getdomainname(domain, MAXHOSTNAMELEN) != 0 || *domain == '\0') {
|
||||
(void) free(domain);
|
||||
domain = NULL;
|
||||
}
|
||||
|
||||
14
sudo.c
14
sudo.c
@@ -146,9 +146,9 @@ char *cmnd = NULL;
|
||||
char *cmnd_args = NULL;
|
||||
char *tty = "unknown";
|
||||
char *prompt;
|
||||
char host[MAXHOSTNAMELEN + 1];
|
||||
char host[MAXHOSTNAMELEN];
|
||||
char *shost;
|
||||
char cwd[MAXPATHLEN + 1];
|
||||
char cwd[MAXPATHLEN];
|
||||
FILE *sudoers_fp = NULL;
|
||||
struct stat cmnd_st;
|
||||
static char *runas_homedir = NULL;
|
||||
@@ -409,7 +409,7 @@ static void load_globals(sudo_mode)
|
||||
if ((user_pw_ent = sudo_getpwuid(getuid())) == NULL) {
|
||||
/* need to make a fake user_pw_ent */
|
||||
struct passwd pw_ent;
|
||||
char pw_name[MAX_UID_T_LEN+1];
|
||||
char pw_name[MAX_UID_T_LEN + 1];
|
||||
|
||||
/* fill in uid and name fields with the uid */
|
||||
pw_ent.pw_uid = getuid();
|
||||
@@ -459,10 +459,10 @@ static void load_globals(sudo_mode)
|
||||
/*
|
||||
* so we know where we are... (do as user)
|
||||
*/
|
||||
if (!getwd(cwd)) {
|
||||
if (!getcwd(cwd, sizeof(cwd))) {
|
||||
/* try as root... */
|
||||
set_perms(PERM_ROOT, sudo_mode);
|
||||
if (!getwd(cwd)) {
|
||||
if (!getcwd(cwd), sizeof(cwd)) {
|
||||
(void) fprintf(stderr, "%s: Can't get working directory!\n",
|
||||
Argv[0]);
|
||||
(void) strcpy(cwd, "unknown");
|
||||
@@ -474,7 +474,7 @@ static void load_globals(sudo_mode)
|
||||
* load the host global variable from gethostname() and use
|
||||
* gethostbyname() if we want to be sure it is fully qualified.
|
||||
*/
|
||||
if ((gethostname(host, MAXHOSTNAMELEN))) {
|
||||
if ((gethostname(host, sizeof(host)))) {
|
||||
strcpy(host, "localhost");
|
||||
log_error(GLOBAL_NO_HOSTNAME);
|
||||
inform_user(GLOBAL_NO_HOSTNAME);
|
||||
@@ -754,7 +754,7 @@ static void add_env(contiguous)
|
||||
static void load_cmnd(sudo_mode)
|
||||
int sudo_mode;
|
||||
{
|
||||
if (strlen(NewArgv[0]) > MAXPATHLEN) {
|
||||
if (strlen(NewArgv[0]) >= MAXPATHLEN) {
|
||||
errno = ENAMETOOLONG;
|
||||
(void) fprintf(stderr, "%s: %s: Pathname too long\n", Argv[0],
|
||||
NewArgv[0]);
|
||||
|
||||
@@ -76,9 +76,9 @@ extern int num_interfaces;
|
||||
char *cmnd = NULL;
|
||||
char *cmnd_args = NULL;
|
||||
char *runas_user = "root";
|
||||
char host[MAXHOSTNAMELEN+1];
|
||||
char host[MAXHOSTNAMELEN];
|
||||
char *shost;
|
||||
char cwd[MAXPATHLEN+1];
|
||||
char cwd[MAXPATHLEN];
|
||||
struct passwd *user_pw_ent;
|
||||
char **Argv, **NewArgv;
|
||||
int Argc, NewArgc;
|
||||
@@ -224,13 +224,13 @@ int netgr_matches(netgr, host, user)
|
||||
#ifdef HAVE_GETDOMAINNAME
|
||||
/* get the domain name (if any) */
|
||||
if (domain == (char *) -1) {
|
||||
if ((domain = (char *) malloc(MAXHOSTNAMELEN + 1)) == NULL) {
|
||||
if ((domain = (char *) malloc(MAXHOSTNAMELEN)) == NULL) {
|
||||
perror("malloc");
|
||||
(void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
if (getdomainname(domain, MAXHOSTNAMELEN + 1) != 0 || *domain == '\0') {
|
||||
if (getdomainname(domain, MAXHOSTNAMELEN) != 0 || *domain == '\0') {
|
||||
(void) free(domain);
|
||||
domain = NULL;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user