diff options
| author | Todd C. Miller <Todd.Miller@courtesan.com> | 1998-04-06 03:15:39 +0000 |
|---|---|---|
| committer | Todd C. Miller <Todd.Miller@courtesan.com> | 1998-04-06 03:15:39 +0000 |
| commit | 5632c730911d3882b8a30ec62a65a0c17e4798b9 (patch) | |
| tree | 9e2a301c91f139a09f44f6f6671014838612a971 | |
| parent | 3ffcb6410f38bec43264b4cee0f202cd1d13a13d (diff) | |
| download | sudo-5632c730911d3882b8a30ec62a65a0c17e4798b9.tar.gz | |
MAX* + 1 -> MAX*
| -rw-r--r-- | check.c | 2 | ||||
| -rw-r--r-- | find_path.c | 4 | ||||
| -rw-r--r-- | parse.c | 12 | ||||
| -rw-r--r-- | sudo.c | 14 | ||||
| -rw-r--r-- | testsudoers.c | 8 |
5 files changed, 22 insertions, 18 deletions
@@ -124,7 +124,7 @@ int user_is_exempt __P((void)); * Globals */ static int timedir_is_good; -static char timestampfile[MAXPATHLEN + 1]; +static char timestampfile[MAXPATHLEN]; #ifdef HAVE_SECURID union config_record configure; #endif /* HAVE_SECURID */ diff --git a/find_path.c b/find_path.c index 1d5fb098c..4e1165939 100644 --- a/find_path.c +++ b/find_path.c @@ -94,7 +94,7 @@ extern char *strdup __P((const char *)); char * find_path(file) char *file; /* file to find */ { - static char command[MAXPATHLEN + 1]; /* qualified filename */ + static char command[MAXPATHLEN]; /* qualified filename */ register char *n; /* for traversing path */ char *path = NULL; /* contents of PATH env var */ char *origpath; /* so we can free path later */ @@ -105,7 +105,7 @@ char * find_path(file) command[0] = '\0'; - if (strlen(file) > MAXPATHLEN) { + if (strlen(file) >= MAXPATHLEN) { errno = ENAMETOOLONG; (void) fprintf(stderr, "%s: path too long: %s\n", Argv[0], file); exit(1); @@ -211,13 +211,15 @@ int command_matches(cmnd, user_args, path, sudoers_args) struct stat pst; DIR *dirp; struct dirent *dent; - char buf[MAXPATHLEN+1]; + char buf[MAXPATHLEN]; static char *c; /* don't bother with pseudo commands like "validate" */ if (strchr(cmnd, '/') == NULL) return(FALSE); + plen = strlen(path); + /* only need to stat cmnd once since it never changes */ if (cmnd_st.st_dev == 0) { if (stat(cmnd, &cmnd_st) < 0) @@ -249,7 +251,6 @@ int command_matches(cmnd, user_args, path, sudoers_args) else return(FALSE); } else { - plen = strlen(path); if (path[plen - 1] != '/') { #ifdef FAST_MATCH char *p; @@ -291,6 +292,9 @@ int command_matches(cmnd, user_args, path, sudoers_args) return(FALSE); while ((dent = readdir(dirp)) != NULL) { + /* ignore paths > MAXPATHLEN (XXX - log) */ + if (plen + strlen(dent->d_name) >= sizeof(buf)) + continue; strcpy(buf, path); strcat(buf, dent->d_name); #ifdef FAST_MATCH @@ -404,13 +408,13 @@ int netgr_matches(netgr, host, user) #ifdef HAVE_GETDOMAINNAME /* get the domain name (if any) */ if (domain == (char *) -1) { - if ((domain = (char *) malloc(MAXHOSTNAMELEN + 1)) == NULL) { + if ((domain = (char *) malloc(MAXHOSTNAMELEN)) == NULL) { perror("malloc"); (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); exit(1); } - if (getdomainname(domain, MAXHOSTNAMELEN + 1) != 0 || *domain == '\0') { + if (getdomainname(domain, MAXHOSTNAMELEN) != 0 || *domain == '\0') { (void) free(domain); domain = NULL; } @@ -146,9 +146,9 @@ char *cmnd = NULL; char *cmnd_args = NULL; char *tty = "unknown"; char *prompt; -char host[MAXHOSTNAMELEN + 1]; +char host[MAXHOSTNAMELEN]; char *shost; -char cwd[MAXPATHLEN + 1]; +char cwd[MAXPATHLEN]; FILE *sudoers_fp = NULL; struct stat cmnd_st; static char *runas_homedir = NULL; @@ -409,7 +409,7 @@ static void load_globals(sudo_mode) if ((user_pw_ent = sudo_getpwuid(getuid())) == NULL) { /* need to make a fake user_pw_ent */ struct passwd pw_ent; - char pw_name[MAX_UID_T_LEN+1]; + char pw_name[MAX_UID_T_LEN + 1]; /* fill in uid and name fields with the uid */ pw_ent.pw_uid = getuid(); @@ -459,10 +459,10 @@ static void load_globals(sudo_mode) /* * so we know where we are... (do as user) */ - if (!getwd(cwd)) { + if (!getcwd(cwd, sizeof(cwd))) { /* try as root... */ set_perms(PERM_ROOT, sudo_mode); - if (!getwd(cwd)) { + if (!getcwd(cwd), sizeof(cwd)) { (void) fprintf(stderr, "%s: Can't get working directory!\n", Argv[0]); (void) strcpy(cwd, "unknown"); @@ -474,7 +474,7 @@ static void load_globals(sudo_mode) * load the host global variable from gethostname() and use * gethostbyname() if we want to be sure it is fully qualified. */ - if ((gethostname(host, MAXHOSTNAMELEN))) { + if ((gethostname(host, sizeof(host)))) { strcpy(host, "localhost"); log_error(GLOBAL_NO_HOSTNAME); inform_user(GLOBAL_NO_HOSTNAME); @@ -754,7 +754,7 @@ static void add_env(contiguous) static void load_cmnd(sudo_mode) int sudo_mode; { - if (strlen(NewArgv[0]) > MAXPATHLEN) { + if (strlen(NewArgv[0]) >= MAXPATHLEN) { errno = ENAMETOOLONG; (void) fprintf(stderr, "%s: %s: Pathname too long\n", Argv[0], NewArgv[0]); diff --git a/testsudoers.c b/testsudoers.c index 2e9e68ec6..7820a9583 100644 --- a/testsudoers.c +++ b/testsudoers.c @@ -76,9 +76,9 @@ extern int num_interfaces; char *cmnd = NULL; char *cmnd_args = NULL; char *runas_user = "root"; -char host[MAXHOSTNAMELEN+1]; +char host[MAXHOSTNAMELEN]; char *shost; -char cwd[MAXPATHLEN+1]; +char cwd[MAXPATHLEN]; struct passwd *user_pw_ent; char **Argv, **NewArgv; int Argc, NewArgc; @@ -224,13 +224,13 @@ int netgr_matches(netgr, host, user) #ifdef HAVE_GETDOMAINNAME /* get the domain name (if any) */ if (domain == (char *) -1) { - if ((domain = (char *) malloc(MAXHOSTNAMELEN + 1)) == NULL) { + if ((domain = (char *) malloc(MAXHOSTNAMELEN)) == NULL) { perror("malloc"); (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); exit(1); } - if (getdomainname(domain, MAXHOSTNAMELEN + 1) != 0 || *domain == '\0') { + if (getdomainname(domain, MAXHOSTNAMELEN) != 0 || *domain == '\0') { (void) free(domain); domain = NULL; } |