Add some memsets for paranoia

Fix namespace collision w/ error
Check rval of decode_args() and update_env()
Remove improper setting of validated variable
Todd C. Miller
2005-04-16 07:14:34 +00:00
parent f261a99f22
commit fe9b653085


@@ -497,7 +497,7 @@ read_string(fd, pid, addr, buf, bufsiz)
} else { } else {
if (errno != EINVAL || chunksiz == 4) if (errno != EINVAL || chunksiz == 4)
return(-1); return(-1);
chunksiz >>= 1; /* chunksiz too big, half it */ chunksiz >>= 1; /* chunksiz too big, halve it */
} }
} }
*cp = '\0'; *cp = '\0';
@@ -583,6 +583,7 @@ update_env(fd, pid, seqnr, askp)
} }
if ((*envp = ap) == NULL) if ((*envp = ap) == NULL)
break; break;
memset(buf, 0, sizeof(buf));
if ((len = read_string(fd, pid, ap, buf, sizeof(buf))) == -1) if ((len = read_string(fd, pid, ap, buf, sizeof(buf))) == -1)
return(-1); return(-1);
if (buf[0] == 'S') { if (buf[0] == 'S') {
@@ -785,6 +786,7 @@ decode_args(fd, pid, askp)
* Loop through argv, collapsing it into a single string and reading * Loop through argv, collapsing it into a single string and reading
* until we hit the terminating NULL. We skip argv[0]. * until we hit the terminating NULL. We skip argv[0].
*/ */
memset(abuf, 0, sizeof(abuf));
off = (char *)askp->args[1]; off = (char *)askp->args[1];
for (cp = abuf, ep = abuf + sizeof(abuf); cp < ep; off += sizeof(char *)) { for (cp = abuf, ep = abuf + sizeof(abuf); cp < ep; off += sizeof(char *)) {
if (systrace_read(fd, pid, off, &ap, sizeof(ap)) != 0) { if (systrace_read(fd, pid, off, &ap, sizeof(ap)) != 0) {
@@ -821,7 +823,7 @@ check_execv(fd, pid, seqnr, askp, cookie, policyp, errorp)
int *policyp; int *policyp;
int *errorp; int *errorp;
{ {
int error, validated = VALIDATE_NOT_OK; int rval, validated = VALIDATE_NOT_OK;
struct childinfo *info; struct childinfo *info;
#ifdef HAVE_LDAP #ifdef HAVE_LDAP
void *ld; void *ld;
@@ -849,11 +851,15 @@ check_execv(fd, pid, seqnr, askp, cookie, policyp, errorp)
} }
/* Fill in user_cmnd, user_base, user_args and user_stat. */ /* Fill in user_cmnd, user_base, user_args and user_stat. */
decode_args(fd, pid, askp); if (decode_args(fd, pid, askp) != 0) {
*policyp = SYSTR_POLICY_NEVER;
*errorp = errno;
return(0);
}
/* Get processes's cwd. */ /* Get processes's cwd. */
error = ioctl(fd, STRIOCGETCWD, &pid); rval = ioctl(fd, STRIOCGETCWD, &pid);
if (error == -1 || !getcwd(user_cwd, sizeof(user_cwd))) { if (rval == -1 || !getcwd(user_cwd, sizeof(user_cwd))) {
warningx("cannot get working directory"); warningx("cannot get working directory");
(void) strlcpy(user_cwd, "unknown", sizeof(user_cwd)); (void) strlcpy(user_cwd, "unknown", sizeof(user_cwd));
} }
@@ -861,14 +867,15 @@ check_execv(fd, pid, seqnr, askp, cookie, policyp, errorp)
/* /*
* Stat user_cmnd and restore cwd * Stat user_cmnd and restore cwd
*/ */
validated = sudo_goodpath(user_cmnd, user_stat) != NULL; if (sudo_goodpath(user_cmnd, user_stat) == NULL) {
if (error != -1) if (rval != -1)
(void) ioctl(fd, STRIOCRESCWD, 0); (void) ioctl(fd, STRIOCRESCWD, 0);
if (!validated) {
*policyp = SYSTR_POLICY_NEVER; *policyp = SYSTR_POLICY_NEVER;
*errorp = EACCES; *errorp = EACCES;
return(0); return(0);
} }
if (rval != -1)
(void) ioctl(fd, STRIOCRESCWD, 0);
/* Check sudoers and log the result. */ /* Check sudoers and log the result. */
init_defaults(); init_defaults();
@@ -916,7 +923,8 @@ check_execve(fd, pid, seqnr, askp, cookie, policyp, errorp)
#ifdef STRIOCINJECT #ifdef STRIOCINJECT
if (rval > 0 && *policyp == SYSTR_POLICY_PERMIT) { if (rval > 0 && *policyp == SYSTR_POLICY_PERMIT) {
/* read environment into buf, munge, and bung it back */ /* read environment into buf, munge, and bung it back */
update_env(fd, pid, seqnr, askp); if (update_env(fd, pid, seqnr, askp) != 0)
rval = -1;
} }
#endif #endif
return(rval); return(rval);
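Review bot: When update_env() fails in check_execve, the new branch only sets `rval = -1` and leaves `*policyp` at SYSTR_POLICY_PERMIT, so the outcome is safe only if every caller checks the return value before acting on the policy. The caller is not visible on this page, so that is worth confirming. If it is not guaranteed, the branch should fail closed the way the new decode_args() failure path in check_execv does: `if (update_env(fd, pid, seqnr, askp) != 0) { *policyp = SYSTR_POLICY_NEVER; *errorp = EACCES; rval = -1; }`. Without that, a permitted exec could go ahead with an environment that was never rewritten. check_execve's body starts outside the hunk.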