1 |
jpp |
1.1 |
diff -Nur ./src/parse_args.c.heap-buffer ./src/parse_args.c |
2 |
|
|
--- ./src/parse_args.c.heap-buffer 2012-09-18 09:57:43.000000000 -0400 |
3 |
|
|
+++ ./src/parse_args.c 2021-02-05 15:19:50.450000000 -0500 |
4 |
|
|
@@ -113,6 +113,13 @@ |
5 |
|
|
}; |
6 |
|
|
|
7 |
|
|
/* |
8 |
|
|
+* Default flags allowed when running a command. |
9 |
|
|
+*/ |
10 |
|
|
+#define DEFAULT_VALID_FLAGS (MODE_BACKGROUND|MODE_PRESERVE_ENV|MODE_RESET_HOME|MODE_LOGIN_SHELL|MODE_NONINTERACTIVE|MODE_PRESERVE_GROUPS|MODE_SHELL) |
11 |
|
|
+#define EDIT_VALID_FLAGS MODE_NONINTERACTIVE |
12 |
|
|
+#define LIST_VALID_FLAGS (MODE_NONINTERACTIVE|MODE_LONG_LIST) |
13 |
|
|
+#define VALIDATE_VALID_FLAGS MODE_NONINTERACTIVE |
14 |
|
|
+/* |
15 |
|
|
* Command line argument parsing. |
16 |
|
|
* Sets nargc and nargv which corresponds to the argc/argv we'll use |
17 |
|
|
* for the command to be run (if we are running one). |
18 |
|
|
@@ -140,6 +147,7 @@ |
19 |
|
|
if (strcmp(getprogname(), "sudoedit") == 0) { |
20 |
|
|
mode = MODE_EDIT; |
21 |
|
|
sudo_settings[ARG_SUDOEDIT].value = "true"; |
22 |
|
|
+ valid_flags = EDIT_VALID_FLAGS; |
23 |
|
|
} |
24 |
|
|
|
25 |
|
|
/* Load local IP addresses and masks. */ |
26 |
|
|
@@ -205,7 +213,7 @@ |
27 |
|
|
usage_excl(1); |
28 |
|
|
mode = MODE_EDIT; |
29 |
|
|
sudo_settings[ARG_SUDOEDIT].value = "true"; |
30 |
|
|
- valid_flags = MODE_NONINTERACTIVE; |
31 |
|
|
+ valid_flags = EDIT_VALID_FLAGS; |
32 |
|
|
break; |
33 |
|
|
case 'g': |
34 |
|
|
runas_group = optarg; |
35 |
|
|
@@ -213,6 +221,7 @@ |
36 |
|
|
break; |
37 |
|
|
case 'H': |
38 |
|
|
sudo_settings[ARG_SET_HOME].value = "true"; |
39 |
|
|
+ SET(flags, MODE_RESET_HOME); |
40 |
|
|
break; |
41 |
|
|
case 'h': |
42 |
|
|
if (mode && mode != MODE_HELP) { |
43 |
|
|
@@ -244,7 +253,7 @@ |
44 |
|
|
usage_excl(1); |
45 |
|
|
} |
46 |
|
|
mode = MODE_LIST; |
47 |
|
|
- valid_flags = MODE_NONINTERACTIVE|MODE_LONG_LIST; |
48 |
|
|
+ valid_flags = LIST_VALID_FLAGS; |
49 |
|
|
break; |
50 |
|
|
case 'n': |
51 |
|
|
SET(flags, MODE_NONINTERACTIVE); |
52 |
|
|
@@ -252,6 +261,7 @@ |
53 |
|
|
break; |
54 |
|
|
case 'P': |
55 |
|
|
sudo_settings[ARG_PRESERVE_GROUPS].value = "true"; |
56 |
|
|
+ SET(flags, MODE_PRESERVE_GROUPS); |
57 |
|
|
break; |
58 |
|
|
case 'p': |
59 |
|
|
sudo_settings[ARG_PROMPT].value = optarg; |
60 |
|
|
@@ -284,7 +294,7 @@ |
61 |
|
|
if (mode && mode != MODE_VALIDATE) |
62 |
|
|
usage_excl(1); |
63 |
|
|
mode = MODE_VALIDATE; |
64 |
|
|
- valid_flags = MODE_NONINTERACTIVE; |
65 |
|
|
+ valid_flags = VALIDATE_VALID_FLAGS; |
66 |
|
|
break; |
67 |
|
|
case 'V': |
68 |
|
|
if (mode && mode != MODE_VERSION) |
69 |
|
|
@@ -317,7 +327,7 @@ |
70 |
|
|
if (!mode) { |
71 |
|
|
/* Defer -k mode setting until we know whether it is a flag or not */ |
72 |
|
|
if (sudo_settings[ARG_IGNORE_TICKET].value != NULL) { |
73 |
|
|
- if (argc == 0 && !(flags & (MODE_SHELL|MODE_LOGIN_SHELL))) { |
74 |
|
|
+ if (argc == 0 && !ISSET(flags, MODE_SHELL|MODE_LOGIN_SHELL)) { |
75 |
|
|
mode = MODE_INVALIDATE; /* -k by itself */ |
76 |
|
|
sudo_settings[ARG_IGNORE_TICKET].value = NULL; |
77 |
|
|
valid_flags = 0; |
78 |
|
|
@@ -377,18 +387,22 @@ |
79 |
|
|
/* |
80 |
|
|
* For shell mode we need to rewrite argv |
81 |
|
|
*/ |
82 |
|
|
- if (ISSET(mode, MODE_RUN) && ISSET(flags, MODE_SHELL)) { |
83 |
|
|
+ if (ISSET(flags, MODE_SHELL|MODE_LOGIN_SHELL) && ISSET(mode, MODE_RUN)) { |
84 |
|
|
char **av, *cmnd = NULL; |
85 |
|
|
int ac = 1; |
86 |
|
|
|
87 |
|
|
if (argc != 0) { |
88 |
|
|
/* shell -c "command" */ |
89 |
|
|
char *src, *dst; |
90 |
|
|
- size_t cmnd_size = (size_t) (argv[argc - 1] - argv[0]) + |
91 |
|
|
- strlen(argv[argc - 1]) + 1; |
92 |
|
|
+ size_t size = 0; |
93 |
|
|
+ |
94 |
|
|
+ for (av = argv; *av != NULL; av++) |
95 |
|
|
+ size += strlen(*av) + 1; |
96 |
|
|
+ |
97 |
|
|
+ if (size == 0 || (cmnd = emalloc2(size, 2)) == NULL) |
98 |
|
|
+ exit(1); |
99 |
|
|
|
100 |
|
|
- cmnd = dst = emalloc2(cmnd_size, 2); |
101 |
|
|
- for (av = argv; *av != NULL; av++) { |
102 |
|
|
+ for (dst = cmnd, av = argv; *av != NULL; av++) { |
103 |
|
|
for (src = *av; *src != '\0'; src++) { |
104 |
|
|
/* quote potential meta characters */ |
105 |
|
|
if (!isalnum((unsigned char)*src) && *src != '_' && *src != '-') |
106 |
|
|
diff -Nur ./plugins/sudoers/sudoers.c.heap-buffer ./plugins/sudoers/sudoers.c |
107 |
|
|
--- ./plugins/sudoers/sudoers.c.heap-buffer 2021-02-04 14:45:39.357000000 -0500 |
108 |
|
|
+++ ./plugins/sudoers/sudoers.c 2021-02-04 16:48:14.670000000 -0500 |
109 |
|
|
@@ -492,7 +492,7 @@ |
110 |
|
|
|
111 |
|
|
/* If run as root with SUDO_USER set, set sudo_user.pw to that user. */ |
112 |
|
|
/* XXX - causes confusion when root is not listed in sudoers */ |
113 |
|
|
- if (sudo_mode & (MODE_RUN | MODE_EDIT) && prev_user != NULL) { |
114 |
|
|
+ if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT) && prev_user != NULL) { |
115 |
|
|
if (user_uid == 0 && strcmp(prev_user, "root") != 0) { |
116 |
|
|
struct passwd *pw; |
117 |
|
|
|
118 |
|
|
@@ -927,8 +927,8 @@ |
119 |
|
|
if (user_cmnd == NULL) |
120 |
|
|
user_cmnd = NewArgv[0]; |
121 |
|
|
|
122 |
|
|
- if (sudo_mode & (MODE_RUN | MODE_EDIT | MODE_CHECK)) { |
123 |
|
|
- if (ISSET(sudo_mode, MODE_RUN | MODE_CHECK)) { |
124 |
|
|
+ if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT|MODE_CHECK)) { |
125 |
|
|
+ if (!ISSET(sudo_mode, MODE_EDIT)) { |
126 |
|
|
if (def_secure_path && !user_is_exempt()) |
127 |
|
|
path = def_secure_path; |
128 |
|
|
set_perms(PERM_RUNAS); |
129 |
|
|
@@ -953,7 +953,8 @@ |
130 |
|
|
for (size = 0, av = NewArgv + 1; *av; av++) |
131 |
|
|
size += strlen(*av) + 1; |
132 |
|
|
user_args = emalloc(size); |
133 |
|
|
- if (ISSET(sudo_mode, MODE_SHELL|MODE_LOGIN_SHELL)) { |
134 |
|
|
+ if (ISSET(sudo_mode, MODE_SHELL|MODE_LOGIN_SHELL) && |
135 |
|
|
+ ISSET(sudo_mode, MODE_RUN)) { |
136 |
|
|
/* |
137 |
|
|
* When running a command via a shell, the sudo front-end |
138 |
|
|
* escapes potential meta chars. We unescape non-spaces |
139 |
|
|
@@ -961,10 +962,18 @@ |
140 |
|
|
*/ |
141 |
|
|
for (to = user_args, av = NewArgv + 1; (from = *av); av++) { |
142 |
|
|
while (*from) { |
143 |
|
|
- if (from[0] == '\\' && !isspace((unsigned char)from[1])) |
144 |
|
|
+ if (from[0] == '\\' && from[1] != '\0' && |
145 |
|
|
+ !isspace((unsigned char)from[1])) { |
146 |
|
|
from++; |
147 |
|
|
+ } |
148 |
|
|
+ if (size - (to - user_args) < 1) { |
149 |
|
|
+ errorx(1, _("internal error, %s overflow"), __func__); /*debug_return_int(3);NOT_FOUND_ERROR*/ |
150 |
|
|
+ } |
151 |
|
|
*to++ = *from++; |
152 |
|
|
} |
153 |
|
|
+ if (size - (to - user_args) < 1) { |
154 |
|
|
+ errorx(1, _("internal error, %s overflow"), __func__); /*debug_return_int(3);NOT_FOUND_ERROR*/ |
155 |
|
|
+ } |
156 |
|
|
*to++ = ' '; |
157 |
|
|
} |
158 |
|
|
*--to = '\0'; |