Now that we have proper number parsing functions we should store

T_UINT defaults values as unsigned int, not int.
2013-12-11 14:43:04 -07:00
parent 3e4f5c5848
commit ef2cff1d33
9 changed files with 27 additions and 23 deletions
--- a/plugins/sudoers/auth/sudo_auth.c
+++ b/plugins/sudoers/auth/sudo_auth.c
@@ -183,7 +183,7 @@ sudo_auth_cleanup(struct passwd *pw)
 int
 verify_user(struct passwd *pw, char *prompt, int validated)
 {
-    int counter = def_passwd_tries + 1;
+    unsigned int counter = def_passwd_tries + 1;
    int success = AUTH_FAILURE;
    int status, rval;
    char *p;
--- a/plugins/sudoers/def_data.c
+++ b/plugins/sudoers/def_data.c
@@ -152,7 +152,7 @@ struct sudo_defs_types sudo_defs_table[] = {
 	NULL,
    }, {
 	"loglinelen", T_UINT|T_BOOL,
-	N_("Length at which to wrap log file lines (0 for no wrap): %d"),
+	N_("Length at which to wrap log file lines (0 for no wrap): %u"),
 	NULL,
    }, {
 	"timestamp_timeout", T_FLOAT|T_BOOL,
@@ -164,7 +164,7 @@ struct sudo_defs_types sudo_defs_table[] = {
 	NULL,
    }, {
 	"passwd_tries", T_UINT,
-	N_("Number of tries to enter a password: %d"),
+	N_("Number of tries to enter a password: %u"),
 	NULL,
    }, {
 	"umask", T_MODE|T_BOOL,
@@ -372,7 +372,7 @@ struct sudo_defs_types sudo_defs_table[] = {
 	NULL,
    }, {
 	"maxseq", T_UINT,
-	N_("Maximum I/O log sequence number"),
+	N_("Maximum I/O log sequence number: %u"),
 	NULL,
    }, {
 	NULL, 0, NULL
--- a/plugins/sudoers/def_data.h
+++ b/plugins/sudoers/def_data.h
@@ -62,13 +62,13 @@
 #define I_STAY_SETUID           30
 #define def_preserve_groups     (sudo_defs_table[31].sd_un.flag)
 #define I_PRESERVE_GROUPS       31
-#define def_loglinelen          (sudo_defs_table[32].sd_un.ival)
+#define def_loglinelen          (sudo_defs_table[32].sd_un.uival)
 #define I_LOGLINELEN            32
 #define def_timestamp_timeout   (sudo_defs_table[33].sd_un.fval)
 #define I_TIMESTAMP_TIMEOUT     33
 #define def_passwd_timeout      (sudo_defs_table[34].sd_un.fval)
 #define I_PASSWD_TIMEOUT        34
-#define def_passwd_tries        (sudo_defs_table[35].sd_un.ival)
+#define def_passwd_tries        (sudo_defs_table[35].sd_un.uival)
 #define I_PASSWD_TRIES          35
 #define def_umask               (sudo_defs_table[36].sd_un.mode)
 #define I_UMASK                 36
@@ -172,7 +172,7 @@
 #define I_PAM_SETCRED           85
 #define def_pam_session         (sudo_defs_table[86].sd_un.flag)
 #define I_PAM_SESSION           86
-#define def_maxseq              (sudo_defs_table[87].sd_un.ival)
+#define def_maxseq              (sudo_defs_table[87].sd_un.uival)
 #define I_MAXSEQ                87

 enum def_tuple {
--- a/plugins/sudoers/def_data.in
+++ b/plugins/sudoers/def_data.in
@@ -109,7 +109,7 @@ preserve_groups
 	"Don't initialize the group vector to that of the target user"
 loglinelen
 	T_UINT|T_BOOL
-	"Length at which to wrap log file lines (0 for no wrap): %d"
+	"Length at which to wrap log file lines (0 for no wrap): %u"
 timestamp_timeout
 	T_FLOAT|T_BOOL
 	"Authentication timestamp timeout: %.1f minutes"
@@ -118,7 +118,7 @@ passwd_timeout
 	"Password prompt timeout: %.1f minutes"
 passwd_tries
 	T_UINT
-	"Number of tries to enter a password: %d"
+	"Number of tries to enter a password: %u"
 umask
 	T_MODE|T_BOOL
 	"Umask to use or 0777 to use user's: 0%o"
@@ -276,4 +276,4 @@ pam_session
 	"Create a new PAM session for the command to run in"
 maxseq
 	T_UINT
-	"Maximum I/O log sequence number"
+	"Maximum I/O log sequence number: %u"
--- a/plugins/sudoers/defaults.c
+++ b/plugins/sudoers/defaults.c
@@ -148,11 +148,14 @@ dump_defaults(void)
 			sudo_printf(SUDO_CONV_INFO_MSG, "\n");
 		    }
 		    break;
-		case T_UINT:
 		case T_INT:
 		    sudo_printf(SUDO_CONV_INFO_MSG, desc, cur->sd_un.ival);
 		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
 		    break;
+		case T_UINT:
+		    sudo_printf(SUDO_CONV_INFO_MSG, desc, cur->sd_un.uival);
+		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    break;
 		case T_FLOAT:
 		    sudo_printf(SUDO_CONV_INFO_MSG, desc, cur->sd_un.fval);
 		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
@@ -628,7 +631,7 @@ store_uint(char *val, struct sudo_defs_types *def, int op)
    debug_decl(store_uint, SUDO_DEBUG_DEFAULTS)

    if (op == false) {
-	def->sd_un.ival = 0;
+	def->sd_un.uival = 0;
    } else {
 	u = strtonum(val, 0, UINT_MAX, &errstr);
 	if (errstr != NULL) {
@@ -636,8 +639,7 @@ store_uint(char *val, struct sudo_defs_types *def, int op)
 		"%s: %s", val, errstr);
 	    debug_return_bool(false);
 	}
-	/* XXX - should have uival */
-	def->sd_un.ival = u;
+	def->sd_un.uival = u;
    }
    if (def->callback)
 	debug_return_bool(def->callback(val));
--- a/plugins/sudoers/defaults.h
+++ b/plugins/sudoers/defaults.h
@@ -55,6 +55,7 @@ struct sudo_defs_types {
    union {
 	int flag;
 	int ival;
+	unsigned int uival;
 	double fval;
 	enum def_tuple tuple;
 	char *str;
--- a/plugins/sudoers/logging.c
+++ b/plugins/sudoers/logging.c
@@ -344,7 +344,7 @@ log_failure(int status, int flags)
 * Log and audit that user was not able to authenticate themselves.
 */
 void
-log_auth_failure(int status, int tries)
+log_auth_failure(int status, unsigned int tries)
 {
    int flags = NO_MAIL;
    debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING)
@@ -439,9 +439,9 @@ vlog_warning(int flags, const char *fmt, va_list ap)

    /* Expand printf-style format + args (with a special case). */
    if (fmt == INCORRECT_PASSWORD_ATTEMPT) {
-	int tries = va_arg(ap, int);
-	easprintf(&message, ngettext("%d incorrect password attempt",
-	    "%d incorrect password attempts", tries), tries);
+	unsigned int tries = va_arg(ap, unsigned int);
+	easprintf(&message, ngettext("%u incorrect password attempt",
+	    "%u incorrect password attempts", tries), tries);
    } else {
 	evasprintf(&message, _(fmt), ap);
    }
@@ -493,9 +493,9 @@ vlog_warning(int flags, const char *fmt, va_list ap)
    if (!ISSET(flags, NO_STDERR)) {
 	sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale);
 	if (fmt == INCORRECT_PASSWORD_ATTEMPT) {
-	    int tries = va_arg(ap2, int);
-	    warningx_nodebug(ngettext("%d incorrect password attempt",
-		"%d incorrect password attempts", tries), tries);
+	    unsigned int tries = va_arg(ap2, unsigned int);
+	    warningx_nodebug(ngettext("%u incorrect password attempt",
+		"%u incorrect password attempts", tries), tries);
 	} else {
 	    if (ISSET(flags, USE_ERRNO))
 		vwarning_nodebug(_(fmt), ap2);
--- a/plugins/sudoers/logging.h
+++ b/plugins/sudoers/logging.h
@@ -63,7 +63,7 @@ int sudoers_getlocale(void);
 void audit_success(char *exec_args[]);
 void audit_failure(char *exec_args[], char const *const fmt, ...) __printflike(2, 3);
 void log_allowed(int status);
-void log_auth_failure(int status, int tries);
+void log_auth_failure(int status, unsigned int tries);
 void log_denial(int status, bool inform_user);
 void log_failure(int status, int flags);
 void log_warning(int flags, const char *fmt, ...) __printflike(2, 3);
--- a/plugins/sudoers/mkdefaults
+++ b/plugins/sudoers/mkdefaults
@@ -125,7 +125,8 @@ sub print_record {
    my ($i, $v, $defname);
    # each variable gets a macro to access its value
    for ($rec->[1]) {
-	if    (/^T_U?INT/)  { $v = "ival"; }
+	if    (/^T_INT/)    { $v = "ival"; }
+	elsif (/^T_UINT/)   { $v = "uival"; }
 	elsif (/^T_STR/)    { $v = "str"; }
 	elsif (/^T_FLAG/)   { $v = "flag"; }
 	elsif (/^T_MODE/)   { $v = "mode"; }