isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add reference counting to Defaults bindings.

Browse Source 
Previously, we checked that the previous entry's binding pointer
was not the same while freeing.  However, to be able to merge
Defaults records we cannot rely on Defaults entries with the same
binding being immediately adjacent.  This removes the prev_binding
checks in favor of a reference count which allows us to plug the
memory leak in cvtsudoers when merging Defaults.
This commit is contained in:
Todd C. Miller
2021-11-20 08:01:37 -07:00
parent aed51033e1
commit e64a089aea
12 changed files with 131 additions and 107 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
plugins/sudoers/parse.c
View File

@@ -695,11 +695,11 @@ display_defaults(struct sudoers_parse_tree *parse_tree, struct passwd *pw,
TAILQ_FOREACH(d, &parse_tree->defaults, entries) {
switch (d->type) {
case DEFAULTS_HOST:
if (hostlist_matches(parse_tree, pw, d->binding) != ALLOW)
if (hostlist_matches(parse_tree, pw, &d->binding->members) != ALLOW)
continue;
break;
case DEFAULTS_USER:
if (userlist_matches(parse_tree, pw, d->binding) != ALLOW)
if (userlist_matches(parse_tree, pw, &d->binding->members) != ALLOW)
continue;
break;
case DEFAULTS_RUNAS:
@@ -724,7 +724,7 @@ display_bound_defaults_by_type(struct sudoers_parse_tree *parse_tree,
int deftype, struct sudo_lbuf *lbuf)
{
struct defaults *d;
struct member_list *binding = NULL;
struct defaults_binding *binding = NULL;
struct member *m;
char *dsep;
int atype, nfound = 0;
@@ -760,8 +760,8 @@ display_bound_defaults_by_type(struct sudoers_parse_tree *parse_tree,
if (nfound != 1)
sudo_lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, " Defaults%s", dsep);
TAILQ_FOREACH(m, binding, entries) {
if (m != TAILQ_FIRST(binding))
TAILQ_FOREACH(m, &binding->members, entries) {
if (m != TAILQ_FIRST(&binding->members))
sudo_lbuf_append(lbuf, ", ");
sudoers_format_member(lbuf, parse_tree, m, ", ", atype);
}