isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Do not use JSON_ARRAY with sudo_json_add_value()

Browse Source
This commit is contained in:
Todd C. Miller
2020-03-29 05:05:08 -06:00
parent f24dacdee2
commit cffda82e20
7 changed files with 48 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
include/sudo_json.h
View File

@@ -37,7 +37,6 @@ struct json_value {
enum json_value_type type; enum json_value_type type;
union { union {
const char *string; const char *string;
char * const * array;
long long number; long long number;
id_t id; id_t id;
bool boolean; bool boolean;

26
lib/iolog/iolog_fileio.c
View File

@@ -932,6 +932,8 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info)
bool ret = false; bool ret = false;
FILE *fp = NULL; FILE *fp = NULL;
int fd = -1; int fd = -1;
size_t i;
char *cp;
debug_decl(iolog_write_info_file_json, SUDO_DEBUG_UTIL); debug_decl(iolog_write_info_file_json, SUDO_DEBUG_UTIL);
if (info->cmd == NULL || info->user == NULL || info->runas_user == NULL) if (info->cmd == NULL || info->user == NULL || info->runas_user == NULL)
@@ -974,16 +976,28 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info)
goto oom; goto oom;
if (info->argv != NULL) { if (info->argv != NULL) {
json_value.type = JSON_ARRAY; if (!sudo_json_open_array(&json, "runargv"))
json_value.u.array = info->argv; goto oom;
if (!sudo_json_add_value(&json, "runargv", &json_value)) for (i = 0; (cp = info->argv[i]) != NULL; i++) {
json_value.type = JSON_STRING;
json_value.u.string = cp;
if (!sudo_json_add_value(&json, NULL, &json_value))
goto oom;
}
if (!sudo_json_close_array(&json))
goto oom; goto oom;
} }
if (info->envp != NULL) { if (info->envp != NULL) {
json_value.type = JSON_ARRAY; if (!sudo_json_open_array(&json, "runenv"))
json_value.u.array = info->envp; goto oom;
if (!sudo_json_add_value(&json, "runenv", &json_value)) for (i = 0; (cp = info->envp[i]) != NULL; i++) {
json_value.type = JSON_STRING;
json_value.u.string = cp;
if (!sudo_json_add_value(&json, NULL, &json_value))
goto oom;
}
if (!sudo_json_close_array(&json))
goto oom; goto oom;
} }

37
lib/util/json.c
View File

@@ -305,7 +305,6 @@ sudo_json_add_value_int(struct json_container *json, const char *name,
struct json_value *value, bool as_object) struct json_value *value, bool as_object)
{ {
char numbuf[(((sizeof(long long) * 8) + 2) / 3) + 2]; char numbuf[(((sizeof(long long) * 8) + 2) / 3) + 2];
unsigned int i;
debug_decl(sudo_json_add_value, SUDO_DEBUG_UTIL); debug_decl(sudo_json_add_value, SUDO_DEBUG_UTIL);
/* Add comma if we are continuing an object/array. */ /* Add comma if we are continuing an object/array. */
@@ -356,41 +355,7 @@ sudo_json_add_value_int(struct json_container *json, const char *name,
debug_return_bool(false); debug_return_bool(false);
break; break;
case JSON_ARRAY: case JSON_ARRAY:
if (value->u.array[0] == NULL || value->u.array[1] == NULL) { sudo_fatalx("internal error: can't print JSON_ARRAY");
if (!json_append_buf(json, "[ "))
debug_return_bool(false);
if (value->u.array[0] != NULL) {
if (!json_append_string(json, value->u.array[0]))
debug_return_bool(false);
if (!json_append_buf(json, " "))
debug_return_bool(false);
}
if (!json_append_buf(json, "]"))
debug_return_bool(false);
} else {
if (!json_append_buf(json, "["))
debug_return_bool(false);
if (!json_append_buf(json, json->compact ? " " : "\n"))
debug_return_bool(false);
json->indent_level += json->indent_increment;
for (i = 0; value->u.array[i] != NULL; i++) {
if (!json_append_indent(json, json->indent_level))
debug_return_bool(false);
if (!json_append_string(json, value->u.array[i]))
debug_return_bool(false);
if (value->u.array[i + 1] != NULL) {
if (!json_append_buf(json, ","))
debug_return_bool(false);
}
if (!json_append_buf(json, json->compact ? " " : "\n"))
debug_return_bool(false);
}
json->indent_level -= json->indent_increment;
if (!json_append_indent(json, json->indent_level))
debug_return_bool(false);
if (!json_append_buf(json, "]"))
debug_return_bool(false);
}
break; break;
case JSON_OBJECT: case JSON_OBJECT:
sudo_fatalx("internal error: can't print JSON_OBJECT"); sudo_fatalx("internal error: can't print JSON_OBJECT");

23
logsrvd/eventlog.c
View File

@@ -288,7 +288,6 @@ format_json(ClientMessage__TypeCase event_type,
struct json_container json = { 0 }; struct json_container json = { 0 };
struct json_value json_value; struct json_value json_value;
struct timespec ts; struct timespec ts;
char **strvec;
size_t idx; size_t idx;
debug_decl(format_json, SUDO_DEBUG_UTIL); debug_decl(format_json, SUDO_DEBUG_UTIL);
@@ -365,20 +364,22 @@ format_json(ClientMessage__TypeCase event_type,
if (!sudo_json_add_value(&json, info->key, &json_value)) if (!sudo_json_add_value(&json, info->key, &json_value))
goto bad; goto bad;
break; break;
case INFO_MESSAGE__VALUE_STRLISTVAL: case INFO_MESSAGE__VALUE_STRLISTVAL: {
/* Must convert to NULL-terminated string vector. */ InfoMessage__StringList *strlist = info->strlistval;
strvec = strlist_copy(info->strlistval); size_t n;
if (strvec == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO, if (!sudo_json_open_array(&json, info->key))
"%s: %s", __func__, "unable to allocate memory");
goto bad; goto bad;
for (n = 0; n < strlist->n_strings; n++) {
json_value.type = JSON_STRING;
json_value.u.string = strlist->strings[n];
if (!sudo_json_add_value(&json, NULL, &json_value))
goto bad;
} }
json_value.type = JSON_ARRAY; if (!sudo_json_close_array(&json))
json_value.u.array = strvec;
if (!sudo_json_add_value(&json, info->key, &json_value))
goto bad; goto bad;
free(strvec);
break; break;
}
default: default:
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unexpected value case %d", info->value_case); "unexpected value case %d", info->value_case);

2
logsrvd/iolog_writer.c
View File

@@ -70,7 +70,7 @@ has_strlistval(InfoMessage *info)
* The input string list need not be NULL-terminated. * The input string list need not be NULL-terminated.
* Returns a NULL-terminated string vector. * Returns a NULL-terminated string vector.
*/ */
char ** static char **
strlist_copy(InfoMessage__StringList *strlist) strlist_copy(InfoMessage__StringList *strlist)
{ {
char **dst, **src = strlist->strings; char **dst, **src = strlist->strings;

1
logsrvd/logsrvd.h
View File

@@ -188,7 +188,6 @@ int store_suspend(CommandSuspend *msg, struct connection_closure *closure);
int store_winsize(ChangeWindowSize *msg, struct connection_closure *closure); int store_winsize(ChangeWindowSize *msg, struct connection_closure *closure);
void iolog_close_all(struct connection_closure *closure); void iolog_close_all(struct connection_closure *closure);
void iolog_details_free(struct iolog_details *details); void iolog_details_free(struct iolog_details *details);
char ** strlist_copy(InfoMessage__StringList *strlist);
/* logsrvd_conf.c */ /* logsrvd_conf.c */
bool logsrvd_conf_read(const char *path); bool logsrvd_conf_read(const char *path);

17
plugins/audit_json/audit_json.c
View File

@@ -258,12 +258,23 @@ add_key_value(struct json_container *json, const char *str)
static bool static bool
add_array(struct json_container *json, const char *name, char * const * array) add_array(struct json_container *json, const char *name, char * const * array)
{ {
const char *cp;
struct json_value json_value; struct json_value json_value;
debug_decl(add_array, SUDO_DEBUG_PLUGIN); debug_decl(add_array, SUDO_DEBUG_PLUGIN);
json_value.type = JSON_ARRAY; if (!sudo_json_open_array(json, name))
json_value.u.array = array; debug_return_bool(false);
debug_return_bool(sudo_json_add_value(json, name, &json_value)); while ((cp = *array) != NULL) {
json_value.type = JSON_STRING;
json_value.u.string = cp;
if (!sudo_json_add_value(json, name, &json_value))
debug_return_bool(false);
array++;
}
if (!sudo_json_close_array(json))
debug_return_bool(false);
debug_return_bool(true);
} }
static bool static bool