isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use atoid() in more places.

Browse Source
This commit is contained in:
Todd C. Miller
2013-08-07 15:49:03 -06:00
parent 40cb480f07
commit dde7331a0f
5 changed files with 84 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
compat/getgrouplist.c
View File

@@ -92,10 +92,6 @@ done:
#elif defined(HAVE_NSS_SEARCH)
#ifndef GID_MAX
# define GID_MAX UID_MAX
#endif
#ifndef ALIGNBYTES
# define ALIGNBYTES (sizeof(long) - 1L)
#endif
@@ -104,6 +100,7 @@ done:
#endif
extern void _nss_initf_group(nss_db_params_t *);
extern id_t atoid(const char *str, const char **errstr);
/*
* Convert a groups file string (instr) to a struct group (ent) using
@@ -115,8 +112,9 @@ str2grp(const char *instr, int inlen, void *ent, char *buf, int buflen)
struct group *grp = ent;
char *cp, *ep, *fieldsep = buf;
char **gr_mem, **gr_end;
const char *errstr;
int yp = 0;
unsigned long gid;
id_t id;
/* Must at least have space to copy instr -> buf. */
if (inlen >= buflen)
@@ -150,21 +148,24 @@ str2grp(const char *instr, int inlen, void *ent, char *buf, int buflen)
if ((fieldsep = strchr(cp = fieldsep, ':')) == NULL)
return yp ? NSS_STR_PARSE_SUCCESS : NSS_STR_PARSE_PARSE;
*fieldsep++ = '\0';
gid = strtoul(cp, &ep, 10);
if (*cp == '\0' || *ep != '\0')
errno = 0;
id = atoid(cp, &errstr);
if (errstr == NULL) {
/*
* A range error is always a fatal error, but ignore garbage
* at the end of YP entries since it has no meaning.
*/
if (errno == ERANGE)
return NSS_STR_PARSE_ERANGE;
return yp ? NSS_STR_PARSE_SUCCESS : NSS_STR_PARSE_PARSE;
#ifdef GID_NOBODY
if (*cp == '-' && gid != 0) {
/* Negative gids get mapped to nobody on Solaris. */
grp->gr_gid = GID_NOBODY;
} else
#endif
if ((errno == ERANGE && gid == ULONG_MAX) ||
gid > GID_MAX || gid != (gid_t)gid) {
return NSS_STR_PARSE_ERANGE;
} else {
grp->gr_gid = (gid_t)gid;
}
#ifdef GID_NOBODY
/* Negative gids get mapped to nobody on Solaris. */
if (*cp == '-' && gid != 0)
grp->gr_gid = GID_NOBODY;
else
#endif
grp->gr_gid = (gid_t)id;
/* Store group members, taking care to use proper alignment. */
grp->gr_mem = NULL;

39
plugins/sudoers/iolog.c
View File

@@ -352,9 +352,10 @@ iolog_deserialize_info(struct iolog_details *details, char * const user_info[],
{
const char *runas_uid_str = "0", *runas_euid_str = NULL;
const char *runas_gid_str = "0", *runas_egid_str = NULL;
char id[MAX_UID_T_LEN + 2], *ep;
const char *errstr;
char idbuf[MAX_UID_T_LEN + 2];
char * const *cur;
unsigned long ulval;
id_t id;
uid_t runas_uid = 0;
gid_t runas_gid = 0;
debug_decl(iolog_deserialize_info, SUDO_DEBUG_UTIL)
@@ -470,37 +471,35 @@ iolog_deserialize_info(struct iolog_details *details, char * const user_info[],
if (runas_euid_str != NULL)
runas_uid_str = runas_euid_str;
if (runas_uid_str != NULL) {
errno = 0;
ulval = strtoul(runas_uid_str, &ep, 0);
if (*runas_uid_str != '\0' && *ep == '\0' &&
(errno != ERANGE || ulval != ULONG_MAX)) {
runas_uid = (uid_t)ulval;
}
id = atoid(runas_uid_str, &errstr);
if (errstr != NULL)
warningx("runas uid %s: %s", runas_uid_str, _(errstr));
else
runas_uid = (uid_t)id;
}
if (runas_egid_str != NULL)
runas_gid_str = runas_egid_str;
if (runas_gid_str != NULL) {
errno = 0;
ulval = strtoul(runas_gid_str, &ep, 0);
if (*runas_gid_str != '\0' && *ep == '\0' &&
(errno != ERANGE || ulval != ULONG_MAX)) {
runas_gid = (gid_t)ulval;
}
id = atoid(runas_gid_str, &errstr);
if (errstr != NULL)
warningx("runas gid %s: %s", runas_gid_str, _(errstr));
else
runas_gid = (gid_t)id;
}
details->runas_pw = sudo_getpwuid(runas_uid);
if (details->runas_pw == NULL) {
id[0] = '#';
strlcpy(&id[1], runas_uid_str, sizeof(id) - 1);
details->runas_pw = sudo_fakepwnam(id, runas_gid);
idbuf[0] = '#';
strlcpy(&idbuf[1], runas_uid_str, sizeof(idbuf) - 1);
details->runas_pw = sudo_fakepwnam(idbuf, runas_gid);
}
if (runas_gid != details->runas_pw->pw_gid) {
details->runas_gr = sudo_getgrgid(runas_gid);
if (details->runas_gr == NULL) {
id[0] = '#';
strlcpy(&id[1], runas_gid_str, sizeof(id) - 1);
details->runas_gr = sudo_fakegrnam(id);
idbuf[0] = '#';
strlcpy(&idbuf[1], runas_gid_str, sizeof(idbuf) - 1);
details->runas_gr = sudo_fakegrnam(idbuf);
}
}
debug_return_bool(

28
plugins/sudoers/tsgetgrpw.c
View File

@@ -123,8 +123,9 @@ getpwent(void)
static struct passwd pw;
static char pwbuf[LINE_MAX];
size_t len;
unsigned long id;
char *cp, *colon, *ep;
id_t id;
char *cp, *colon;
const char *errstr;
next_entry:
if ((colon = fgets(pwbuf, sizeof(pwbuf), pwf)) == NULL)
@@ -142,19 +143,15 @@ next_entry:
if ((colon = strchr(cp = colon, ':')) == NULL)
goto next_entry;
*colon++ = '\0';
id = strtoul(cp, &ep, 10);
if (*cp == '\0' || *ep != '\0')
goto next_entry;
if (id > UID_MAX || (id == ULONG_MAX && errno == ERANGE))
id = atoid(cp, &errstr);
if (errstr != NULL)
goto next_entry;
pw.pw_uid = (uid_t)id;
if ((colon = strchr(cp = colon, ':')) == NULL)
goto next_entry;
*colon++ = '\0';
id = strtoul(cp, &ep, 10);
if (*cp == '\0' || *ep != '\0')
goto next_entry;
if (id > GID_MAX || (id == ULONG_MAX && errno == ERANGE))
id = atoid(cp, &errstr);
if (errstr != NULL)
goto next_entry;
pw.pw_gid = (gid_t)id;
if ((colon = strchr(cp = colon, ':')) == NULL)
@@ -255,8 +252,9 @@ getgrent(void)
static struct group gr;
static char grbuf[LINE_MAX], *gr_mem[GRMEM_MAX+1];
size_t len;
unsigned long id;
char *cp, *colon, *ep;
id_t id;
char *cp, *colon;
const char *errstr;
int n;
next_entry:
@@ -275,10 +273,8 @@ next_entry:
if ((colon = strchr(cp = colon, ':')) == NULL)
goto next_entry;
*colon++ = '\0';
id = strtoul(cp, &ep, 10);
if (*cp == '\0' || *ep != '\0')
goto next_entry;
if (id > GID_MAX || (id == ULONG_MAX && errno == ERANGE))
id = atoid(cp, &errstr);
if (errstr != NULL)
goto next_entry;
gr.gr_gid = (gid_t)id;
len = strlen(colon);

68
src/sudo.c
View File

@@ -530,9 +530,10 @@ static void
command_info_to_details(char * const info[], struct command_details *details)
{
int i;
id_t id;
long lval;
unsigned long ulval;
char *cp, *ep;
const char *errstr;
debug_decl(command_info_to_details, SUDO_DEBUG_PCOMM)
memset(details, 0, sizeof(*details));
@@ -610,39 +611,33 @@ command_info_to_details(char * const info[], struct command_details *details)
case 'r':
if (strncmp("runas_egid=", info[i], sizeof("runas_egid=") - 1) == 0) {
cp = info[i] + sizeof("runas_egid=") - 1;
if (*cp == '\0')
break;
errno = 0;
ulval = strtoul(cp, &ep, 0);
if (*cp != '\0' && *ep == '\0' &&
(errno != ERANGE || ulval != ULONG_MAX)) {
details->egid = (gid_t)ulval;
id = atoid(cp, &errstr);
if (errstr != NULL) {
warningx(_("%s: %s"), info[i], _(errstr));
} else {
details->egid = (gid_t)id;
SET(details->flags, CD_SET_EGID);
}
break;
}
if (strncmp("runas_euid=", info[i], sizeof("runas_euid=") - 1) == 0) {
cp = info[i] + sizeof("runas_euid=") - 1;
if (*cp == '\0')
break;
errno = 0;
ulval = strtoul(cp, &ep, 0);
if (*cp != '\0' && *ep == '\0' &&
(errno != ERANGE || ulval != ULONG_MAX)) {
details->euid = (uid_t)ulval;
id = atoid(cp, &errstr);
if (errstr != NULL) {
warningx(_("%s: %s"), info[i], _(errstr));
} else {
details->euid = (uid_t)id;
SET(details->flags, CD_SET_EUID);
}
break;
}
if (strncmp("runas_gid=", info[i], sizeof("runas_gid=") - 1) == 0) {
cp = info[i] + sizeof("runas_gid=") - 1;
if (*cp == '\0')
break;
errno = 0;
ulval = strtoul(cp, &ep, 0);
if (*cp != '\0' && *ep == '\0' &&
(errno != ERANGE || ulval != ULONG_MAX)) {
details->gid = (gid_t)ulval;
id = atoid(cp, &errstr);
if (errstr != NULL) {
warningx(_("%s: %s"), info[i], _(errstr));
} else {
details->gid = (gid_t)id;
SET(details->flags, CD_SET_GID);
}
break;
@@ -665,13 +660,12 @@ command_info_to_details(char * const info[], struct command_details *details)
emalloc2(details->ngroups, sizeof(GETGROUPS_T));
cp = info[i] + sizeof("runas_groups=") - 1;
for (j = 0; j < details->ngroups;) {
errno = 0;
ulval = strtoul(cp, &ep, 0);
if (*cp == '\0' || (*ep != ',' && *ep != '\0') ||
(ulval == ULONG_MAX && errno == ERANGE)) {
id = atoid(cp, &errstr);
if (errstr != NULL) {
warningx(_("%s: %s"), cp, _(errstr));
break;
}
details->groups[j++] = (gid_t)ulval;
details->groups[j++] = (gid_t)id;
cp = ep + 1;
}
details->ngroups = j;
@@ -680,13 +674,11 @@ command_info_to_details(char * const info[], struct command_details *details)
}
if (strncmp("runas_uid=", info[i], sizeof("runas_uid=") - 1) == 0) {
cp = info[i] + sizeof("runas_uid=") - 1;
if (*cp == '\0')
break;
errno = 0;
ulval = strtoul(cp, &ep, 0);
if (*cp != '\0' && *ep == '\0' &&
(errno != ERANGE || ulval != ULONG_MAX)) {
details->uid = (uid_t)ulval;
id = atoid(cp, &errstr);
if (errstr != NULL) {
warningx(_("%s: %s"), info[i], _(errstr));
} else {
details->uid = (uid_t)id;
SET(details->flags, CD_SET_UID);
}
break;
@@ -751,10 +743,12 @@ command_info_to_details(char * const info[], struct command_details *details)
if (*cp == '\0')
break;
errno = 0;
ulval = strtoul(cp, &ep, 8);
lval = strtol(cp, &ep, 8);
if (*cp != '\0' && *ep == '\0' &&
(errno != ERANGE || ulval != ULONG_MAX)) {
details->umask = (uid_t)ulval;
!(errno == ERANGE &&
(lval == LONG_MAX || lval == LONG_MIN)) &&
lval <= 0777 && lval >= 0) {
details->umask = (mode_t)lval;
SET(details->flags, CD_SET_UMASK);
}
break;

3
src/sudo.h
View File

@@ -187,6 +187,9 @@ char *fmt_string(const char *var, const char *value);
/* atobool.c */
bool atobool(const char *str);
/* atoid.c */
id_t atoid(const char *str, const char **errstr);
/* parse_args.c */
int parse_args(int argc, char **argv, int *nargc, char ***nargv,
char ***settingsp, char ***env_addp);