Make it a fatal error if the plugin returns invalid or out of range
command info.
This commit is contained in:
Todd C. Miller
79
src/sudo.c
79
src/sudo.c
@@ -554,17 +554,16 @@ command_info_to_details(char * const info[], struct command_details *details)
|
|||||||
SET_STRING("command=", command)
|
SET_STRING("command=", command)
|
||||||
SET_STRING("cwd=", cwd)
|
SET_STRING("cwd=", cwd)
|
||||||
if (strncmp("closefrom=", info[i], sizeof("closefrom=") - 1) == 0) {
|
if (strncmp("closefrom=", info[i], sizeof("closefrom=") - 1) == 0) {
|
||||||
cp = info[i] + sizeof("closefrom=") - 1;
|
|
||||||
if (*cp == '\0')
|
|
||||||
break;
|
|
||||||
errno = 0;
|
errno = 0;
|
||||||
lval = strtol(cp, &ep, 0);
|
cp = info[i] + sizeof("closefrom=") - 1;
|
||||||
if (*cp != '\0' && *ep == '\0' &&
|
lval = strtol(cp, &ep, 10);
|
||||||
!(errno == ERANGE &&
|
if (*cp == '\0' || *ep != '\0')
|
||||||
(lval == LONG_MAX || lval == LONG_MIN)) &&
|
fatalx(_("%s: %s"), info[i], _("invalid value"));
|
||||||
lval < INT_MAX && lval > INT_MIN) {
|
if ((errno == ERANGE &&
|
||||||
|
(lval == LONG_MAX || lval == LONG_MIN)) ||
|
||||||
|
(lval > INT_MAX || lval < 0))
|
||||||
|
fatalx(_("%s: %s"), info[i], _("value out of range"));
|
||||||
details->closefrom = (int)lval;
|
details->closefrom = (int)lval;
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
@@ -579,20 +578,18 @@ command_info_to_details(char * const info[], struct command_details *details)
|
|||||||
SET_STRING("login_class=", login_class)
|
SET_STRING("login_class=", login_class)
|
||||||
break;
|
break;
|
||||||
case 'n':
|
case 'n':
|
||||||
/* XXX - bounds check -NZERO to NZERO (inclusive). */
|
|
||||||
if (strncmp("nice=", info[i], sizeof("nice=") - 1) == 0) {
|
if (strncmp("nice=", info[i], sizeof("nice=") - 1) == 0) {
|
||||||
cp = info[i] + sizeof("nice=") - 1;
|
|
||||||
if (*cp == '\0')
|
|
||||||
break;
|
|
||||||
errno = 0;
|
errno = 0;
|
||||||
lval = strtol(cp, &ep, 0);
|
cp = info[i] + sizeof("nice=") - 1;
|
||||||
if (*cp != '\0' && *ep == '\0' &&
|
lval = strtol(cp, &ep, 10);
|
||||||
!(errno == ERANGE &&
|
if (*cp == '\0' || *ep != '\0')
|
||||||
(lval == LONG_MAX || lval == LONG_MIN)) &&
|
fatalx(_("%s: %s"), info[i], _("invalid value"));
|
||||||
lval < INT_MAX && lval > INT_MIN) {
|
if ((errno == ERANGE &&
|
||||||
|
(lval == LONG_MAX || lval == LONG_MIN)) ||
|
||||||
|
(lval > INT_MAX || lval < INT_MIN))
|
||||||
|
fatalx(_("%s: %s"), info[i], _("value out of range"));
|
||||||
details->priority = (int)lval;
|
details->priority = (int)lval;
|
||||||
SET(details->flags, CD_SET_PRIORITY);
|
SET(details->flags, CD_SET_PRIORITY);
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (strncmp("noexec=", info[i], sizeof("noexec=") - 1) == 0) {
|
if (strncmp("noexec=", info[i], sizeof("noexec=") - 1) == 0) {
|
||||||
@@ -655,23 +652,23 @@ command_info_to_details(char * const info[], struct command_details *details)
|
|||||||
if (strncmp("runas_privs=", info[i], sizeof("runas_privs=") - 1) == 0) {
|
if (strncmp("runas_privs=", info[i], sizeof("runas_privs=") - 1) == 0) {
|
||||||
const char *endp;
|
const char *endp;
|
||||||
cp = info[i] + sizeof("runas_privs=") - 1;
|
cp = info[i] + sizeof("runas_privs=") - 1;
|
||||||
if (*cp == '\0')
|
if (*cp != '\0') {
|
||||||
break;
|
|
||||||
errno = 0;
|
|
||||||
details->privs = priv_str_to_set(cp, ",", &endp);
|
details->privs = priv_str_to_set(cp, ",", &endp);
|
||||||
if (details->privs == NULL)
|
if (details->privs == NULL)
|
||||||
warning("invalid runas_privs %s", endp);
|
warning("invalid runas_privs %s", endp);
|
||||||
}
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
if (strncmp("runas_limitprivs=", info[i], sizeof("runas_limitprivs=") - 1) == 0) {
|
if (strncmp("runas_limitprivs=", info[i], sizeof("runas_limitprivs=") - 1) == 0) {
|
||||||
const char *endp;
|
const char *endp;
|
||||||
cp = info[i] + sizeof("runas_limitprivs=") - 1;
|
cp = info[i] + sizeof("runas_limitprivs=") - 1;
|
||||||
if (*cp == '\0')
|
if (*cp != '\0') {
|
||||||
break;
|
|
||||||
errno = 0;
|
|
||||||
details->limitprivs = priv_str_to_set(cp, ",", &endp);
|
details->limitprivs = priv_str_to_set(cp, ",", &endp);
|
||||||
if (details->limitprivs == NULL)
|
if (details->limitprivs == NULL)
|
||||||
warning("invalid runas_limitprivs %s", endp);
|
warning("invalid runas_limitprivs %s", endp);
|
||||||
}
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
#endif /* HAVE_PRIV_SET */
|
#endif /* HAVE_PRIV_SET */
|
||||||
break;
|
break;
|
||||||
case 's':
|
case 's':
|
||||||
@@ -690,35 +687,33 @@ command_info_to_details(char * const info[], struct command_details *details)
|
|||||||
break;
|
break;
|
||||||
case 't':
|
case 't':
|
||||||
if (strncmp("timeout=", info[i], sizeof("timeout=") - 1) == 0) {
|
if (strncmp("timeout=", info[i], sizeof("timeout=") - 1) == 0) {
|
||||||
cp = info[i] + sizeof("timeout=") - 1;
|
|
||||||
if (*cp == '\0')
|
|
||||||
break;
|
|
||||||
errno = 0;
|
errno = 0;
|
||||||
lval = strtol(cp, &ep, 0);
|
cp = info[i] + sizeof("timeout=") - 1;
|
||||||
if (*cp != '\0' && *ep == '\0' &&
|
lval = strtol(cp, &ep, 10);
|
||||||
!(errno == ERANGE &&
|
if (*cp == '\0' || *ep != '\0')
|
||||||
(lval == LONG_MAX || lval == LONG_MIN)) &&
|
fatalx(_("%s: %s"), info[i], _("invalid value"));
|
||||||
lval <= INT_MAX && lval >= 0) {
|
if ((errno == ERANGE &&
|
||||||
|
(lval == LONG_MAX || lval == LONG_MIN)) ||
|
||||||
|
(lval > INT_MAX || lval < 0))
|
||||||
|
fatalx(_("%s: %s"), info[i], _("value out of range"));
|
||||||
details->timeout = (int)lval;
|
details->timeout = (int)lval;
|
||||||
SET(details->flags, CD_SET_TIMEOUT);
|
SET(details->flags, CD_SET_TIMEOUT);
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'u':
|
case 'u':
|
||||||
if (strncmp("umask=", info[i], sizeof("umask=") - 1) == 0) {
|
if (strncmp("umask=", info[i], sizeof("umask=") - 1) == 0) {
|
||||||
cp = info[i] + sizeof("umask=") - 1;
|
|
||||||
if (*cp == '\0')
|
|
||||||
break;
|
|
||||||
errno = 0;
|
errno = 0;
|
||||||
|
cp = info[i] + sizeof("umask=") - 1;
|
||||||
lval = strtol(cp, &ep, 8);
|
lval = strtol(cp, &ep, 8);
|
||||||
if (*cp != '\0' && *ep == '\0' &&
|
if (*cp == '\0' || *ep != '\0')
|
||||||
!(errno == ERANGE &&
|
fatalx(_("%s: %s"), info[i], _("invalid value"));
|
||||||
(lval == LONG_MAX || lval == LONG_MIN)) &&
|
if ((errno == ERANGE &&
|
||||||
lval <= 0777 && lval >= 0) {
|
(lval == LONG_MAX || lval == LONG_MIN)) ||
|
||||||
|
(lval > 0777 || lval < 0))
|
||||||
|
fatalx(_("%s: %s"), info[i], _("value out of range"));
|
||||||
details->umask = (mode_t)lval;
|
details->umask = (mode_t)lval;
|
||||||
SET(details->flags, CD_SET_UMASK);
|
SET(details->flags, CD_SET_UMASK);
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (strncmp("use_pty=", info[i], sizeof("use_pty=") - 1) == 0) {
|
if (strncmp("use_pty=", info[i], sizeof("use_pty=") - 1) == 0) {
|
||||||
|
|||||||
Reference in New Issue
Block a user