authorTodd C. Miller <Todd.Miller@sudo.ws>2023-05-08 17:04:38 -0600
committerTodd C. Miller <Todd.Miller@sudo.ws>2023-05-08 17:04:38 -0600
commitca71add99f5f2d90f8d1559f0a4e667314a414e7 (patch)
tree332c02dcfdc21f61394868c085781d4f9ae3c3fc
parent6c8f8d3e7f9d43db5d9cae47ec8cffdc93c77861 (diff)
downloadsudo-ca71add99f5f2d90f8d1559f0a4e667314a414e7.tar.gz
Move sudoers search path to struct sudoers_parser_config.
That way we can avoid passing it to init_parser() directly. We still need sudoers_search_path to be shared between the lexer and the parser.
-rw-r--r--plugins/sudoers/cvtsudoers.c2
-rw-r--r--plugins/sudoers/file.c6
-rw-r--r--plugins/sudoers/gram.c28
-rw-r--r--plugins/sudoers/gram.y28
-rw-r--r--plugins/sudoers/parse.h4
-rw-r--r--plugins/sudoers/policy.c8
-rw-r--r--plugins/sudoers/regress/fuzz/fuzz_sudoers.c2
-rw-r--r--plugins/sudoers/sudoers.h1
-rw-r--r--plugins/sudoers/testsudoers.c2
-rw-r--r--plugins/sudoers/visudo.c7
10 files changed, 42 insertions, 46 deletions
diff --git a/plugins/sudoers/cvtsudoers.c b/plugins/sudoers/cvtsudoers.c
index 7eeeae9c7..3436f87af 100644
--- a/plugins/sudoers/cvtsudoers.c
+++ b/plugins/sudoers/cvtsudoers.c
@@ -770,7 +770,7 @@ parse_sudoers(const char *input_file, struct cvtsudoers_config *conf)
input_file = "stdin";
} else if ((sudoersin = fopen(input_file, "r")) == NULL)
sudo_fatal(U_("unable to open %s"), input_file);
- init_parser(input_file, NULL, NULL);
+ init_parser(input_file, NULL);
if (sudoersparse() && !parse_error) {
sudo_warnx(U_("failed to parse %s file, unknown error"), input_file);
parse_error = true;
diff --git a/plugins/sudoers/file.c b/plugins/sudoers/file.c
index 7e03df751..b274c2831 100644
--- a/plugins/sudoers/file.c
+++ b/plugins/sudoers/file.c
@@ -73,10 +73,10 @@ sudo_file_open(struct sudo_nss *nss)
handle = malloc(sizeof(*handle));
if (handle != NULL) {
- const char *path_sudoers = policy_path_sudoers();
- handle->fp = open_sudoers(path_sudoers, &outfile, false, NULL);
+ const struct sudoers_parser_config *conf = policy_sudoers_conf();
+ handle->fp = open_sudoers(conf->sudoers_path, &outfile, false, NULL);
if (handle->fp != NULL) {
- init_parser(NULL, path_sudoers, policy_sudoers_conf());
+ init_parser(NULL, policy_sudoers_conf());
init_parse_tree(&handle->parse_tree, NULL, NULL, nss);
if (outfile != NULL) {
/* Update path to open sudoers file. */
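Review bot: The second `policy_sudoers_conf()` call on the `init_parser()` line is redundant now that `conf` is in scope a few lines above; `init_parser(NULL, conf);` makes it explicit that the file being opened and the parser's search path come from the same configuration object. The bool result of init_parser() is also dropped here, although the gram.y side of this commit returns false when sudo_rcstr_dup() of the search path fails, so parsing would continue with a NULL sudoers_search_path. Consider `if (!init_parser(NULL, conf))` routed into the function's existing failure handling. sudo_file_open() begins and ends outside this hunk, so that error path is not visible here.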
diff --git a/plugins/sudoers/gram.c b/plugins/sudoers/gram.c
index f5a046bb9..b45bcdfe3 100644
--- a/plugins/sudoers/gram.c
+++ b/plugins/sudoers/gram.c
@@ -3967,8 +3967,7 @@ free_parse_tree(struct sudoers_parse_tree *parse_tree)
* the current sudoers file to path.
*/
bool
-init_parser(const char *file, const char *path,
- const struct sudoers_parser_config *conf)
+init_parser(const char *file, const struct sudoers_parser_config *conf)
{
bool ret = true;
debug_decl(init_parser, SUDOERS_DEBUG_PARSER);
@@ -3976,6 +3975,15 @@ init_parser(const char *file, const char *path,
free_parse_tree(&parsed_policy);
parser_leak_init();
init_lexer();
+ parse_error = false;
+
+ if (conf != NULL) {
+ parser_conf = *conf;
+ } else {
+ const struct sudoers_parser_config def_conf =
+ SUDOERS_PARSER_CONFIG_INITIALIZER;
+ parser_conf = def_conf;
+ }
sudo_rcstr_delref(sudoers);
if (file != NULL) {
@@ -3988,8 +3996,9 @@ init_parser(const char *file, const char *path,
}
sudo_rcstr_delref(sudoers_search_path);
- if (path != NULL) {
- if ((sudoers_search_path = sudo_rcstr_dup(path)) == NULL) {
+ if (parser_conf.sudoers_path != NULL) {
+ sudoers_search_path = sudo_rcstr_dup(parser_conf.sudoers_path);
+ if (sudoers_search_path == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
ret = false;
}
@@ -3997,22 +4006,13 @@ init_parser(const char *file, const char *path,
sudoers_search_path = NULL;
}
- if (conf != NULL) {
- parser_conf = *conf;
- } else {
- const struct sudoers_parser_config def_conf =
- SUDOERS_PARSER_CONFIG_INITIALIZER;
- parser_conf = def_conf;
- }
- parse_error = false;
-
debug_return_bool(ret);
}
bool
reset_parser(void)
{
- return init_parser(NULL, NULL, NULL);
+ return init_parser(NULL, NULL);
}
/*
diff --git a/plugins/sudoers/gram.y b/plugins/sudoers/gram.y
index d0f264c66..b579f22c7 100644
--- a/plugins/sudoers/gram.y
+++ b/plugins/sudoers/gram.y
@@ -1784,8 +1784,7 @@ free_parse_tree(struct sudoers_parse_tree *parse_tree)
* the current sudoers file to path.
*/
bool
-init_parser(const char *file, const char *path,
- const struct sudoers_parser_config *conf)
+init_parser(const char *file, const struct sudoers_parser_config *conf)
{
bool ret = true;
debug_decl(init_parser, SUDOERS_DEBUG_PARSER);
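Review bot: The header comment above init_parser() still ends with "the current sudoers file to path.", but after this change there is no `path` parameter and the search path arrives through `conf->sudoers_path`. I would reword it along the lines of `Initialize the parser data structures, set the current sudoers file name to file and copy conf (or the defaults when conf is NULL) into parser_conf; conf->sudoers_path becomes sudoers_search_path.` The comment starts outside this hunk, so only its last line is visible. The same text appears in gram.c, which looks like the generated copy and should pick it up on regeneration.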
@@ -1793,6 +1792,15 @@ init_parser(const char *file, const char *path,
free_parse_tree(&parsed_policy);
parser_leak_init();
init_lexer();
+ parse_error = false;
+
+ if (conf != NULL) {
+ parser_conf = *conf;
+ } else {
+ const struct sudoers_parser_config def_conf =
+ SUDOERS_PARSER_CONFIG_INITIALIZER;
+ parser_conf = def_conf;
+ }
sudo_rcstr_delref(sudoers);
if (file != NULL) {
@@ -1805,8 +1813,9 @@ init_parser(const char *file, const char *path,
}
sudo_rcstr_delref(sudoers_search_path);
- if (path != NULL) {
- if ((sudoers_search_path = sudo_rcstr_dup(path)) == NULL) {
+ if (parser_conf.sudoers_path != NULL) {
+ sudoers_search_path = sudo_rcstr_dup(parser_conf.sudoers_path);
+ if (sudoers_search_path == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
ret = false;
}
@@ -1814,22 +1823,13 @@ init_parser(const char *file, const char *path,
sudoers_search_path = NULL;
}
- if (conf != NULL) {
- parser_conf = *conf;
- } else {
- const struct sudoers_parser_config def_conf =
- SUDOERS_PARSER_CONFIG_INITIALIZER;
- parser_conf = def_conf;
- }
- parse_error = false;
-
debug_return_bool(ret);
}
bool
reset_parser(void)
{
- return init_parser(NULL, NULL, NULL);
+ return init_parser(NULL, NULL);
}
/*
diff --git a/plugins/sudoers/parse.h b/plugins/sudoers/parse.h
index 204382b53..a69bc5a10 100644
--- a/plugins/sudoers/parse.h
+++ b/plugins/sudoers/parse.h
@@ -326,6 +326,7 @@ struct cmnd_info {
* Parse configuration settings, passed to init_parser().
*/
struct sudoers_parser_config {
+ const char *sudoers_path;
bool strict;
bool recovery;
int verbose;
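Review bot: The new `sudoers_path` member is a borrowed pointer and its lifetime is undocumented. init_parser() does `parser_conf = *conf;`, a shallow copy, and only `sudoers_search_path` receives its own reference via `sudo_rcstr_dup()`. The global parser_conf therefore keeps pointing at caller-owned storage (path_sudoers in policy.c and visudo.c) until the next init_parser() or reset_parser(). A field comment such as `/* borrowed, not freed by the parser; must stay valid until the next init_parser()/reset_parser() */` would make that contract visible to future callers. The struct definition continues outside this hunk.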
@@ -334,6 +335,7 @@ struct sudoers_parser_config {
gid_t sudoers_gid;
};
#define SUDOERS_PARSER_CONFIG_INITIALIZER { \
+ NULL, /* sudoers_path */ \
false, /* strict */ \
true, /* recovery */ \
1, /* verbose level 1 */ \
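Review bot: SUDOERS_PARSER_CONFIG_INITIALIZER is positional, so inserting `sudoers_path` as the first member shifts every later value by one slot, and a mismatch between struct and macro would compile silently (NULL converts to a bool without complaint). If the project's compiler baseline allows it, designated initializers such as `.sudoers_path = NULL, \` and `.strict = false, \` would tie each default to its field and let members be reordered safely. The rest of the macro lies outside this hunk.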
@@ -392,7 +394,7 @@ int check_aliases(struct sudoers_parse_tree *parse_tree, bool strict, bool quiet
/* gram.y */
extern struct sudoers_parse_tree parsed_policy;
extern bool (*sudoers_error_hook)(const char *file, int line, int column, const char *fmt, va_list args);
-bool init_parser(const char *file, const char *path, const struct sudoers_parser_config *conf);
+bool init_parser(const char *file, const struct sudoers_parser_config *conf);
bool reset_parser(void);
void free_member(struct member *m);
void free_members(struct member_list *members);
diff --git a/plugins/sudoers/policy.c b/plugins/sudoers/policy.c
index a82393df2..5a3c2a038 100644
--- a/plugins/sudoers/policy.c
+++ b/plugins/sudoers/policy.c
@@ -180,6 +180,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
}
}
+ parser_conf.sudoers_path = path_sudoers;
/* Parse command line settings. */
sudo_user.flags = 0;
@@ -630,13 +631,6 @@ policy_sudoers_conf(void)
return &parser_conf;
}
-/* Return the path to the sudoers file, which may be set in the plugin args. */
-const char *
-policy_path_sudoers(void)
-{
- return path_sudoers;
-}
-
/* Return the path to ldap.conf file, which may be set in the plugin args. */
const char *
policy_path_ldap_conf(void)
diff --git a/plugins/sudoers/regress/fuzz/fuzz_sudoers.c b/plugins/sudoers/regress/fuzz/fuzz_sudoers.c
index 408bab363..8fbaf8449 100644
--- a/plugins/sudoers/regress/fuzz/fuzz_sudoers.c
+++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers.c
@@ -312,7 +312,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
/* Initialize defaults and parse sudoers. */
init_defaults();
- init_parser("sudoers", NULL, NULL);
+ init_parser("sudoers", NULL);
sudoersrestart(fp);
sudoersparse();
reparent_parse_tree(&parse_tree);
diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h
index 6cf967c38..f0a193771 100644
--- a/plugins/sudoers/sudoers.h
+++ b/plugins/sudoers/sudoers.h
@@ -448,7 +448,6 @@ void sudoers_debug_deregister(void);
int sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults);
bool sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], mode_t cmnd_umask, char *iolog_path, void *v);
const struct sudoers_parser_config *policy_sudoers_conf(void);
-const char *policy_path_sudoers(void);
const char *policy_path_ldap_conf(void);
const char *policy_path_ldap_secret(void);
diff --git a/plugins/sudoers/testsudoers.c b/plugins/sudoers/testsudoers.c
index c2a699d9c..b5c8f7899 100644
--- a/plugins/sudoers/testsudoers.c
+++ b/plugins/sudoers/testsudoers.c
@@ -280,7 +280,7 @@ main(int argc, char *argv[])
/* Initialize the parser and set sudoers filename to "sudoers". */
parser_conf.strict = true;
parser_conf.verbose = 2;
- init_parser("sudoers", NULL, &parser_conf);
+ init_parser("sudoers", &parser_conf);
/*
* Set runas passwd/group entries based on command line or sudoers.
diff --git a/plugins/sudoers/visudo.c b/plugins/sudoers/visudo.c
index 2a17194ba..42bae3d6d 100644
--- a/plugins/sudoers/visudo.c
+++ b/plugins/sudoers/visudo.c
@@ -291,7 +291,8 @@ main(int argc, char *argv[])
*/
parser_conf.strict = true;
parser_conf.verbose = quiet ? 0 : 2;
- init_parser(NULL, path_sudoers, &parser_conf);
+ parser_conf.sudoers_path = path_sudoers;
+ init_parser(NULL, &parser_conf);
if ((sudoersin = open_sudoers(path_sudoers, &sudoers, true, NULL)) == NULL)
exit(EXIT_FAILURE);
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
@@ -654,7 +655,7 @@ reparse_sudoers(char *editor, int editor_argc, char **editor_argv,
/* Clean slate for each parse */
if (!init_defaults())
sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
- init_parser(sp->opath, path_sudoers, &parser_conf);
+ init_parser(sp->opath, &parser_conf);
sp->errorline = -1;
/* Parse the sudoers temp file(s) */
@@ -1071,7 +1072,7 @@ check_syntax(const char *path, bool quiet, bool strict, bool check_owner,
goto done;
}
}
- init_parser(fname, path, &parser_conf);
+ init_parser(fname, &parser_conf);
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
if (sudoersparse() && !parse_error) {
if (!quiet)
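Review bot: check_syntax() no longer passes its `path` argument to the parser. The new `init_parser(fname, &parser_conf)` takes the search path from `parser_conf.sudoers_path`, which this commit assigns only in main(), just before the first init_parser() call. If check_syntax() can run before that assignment (the call order is outside these hunks), init_parser() will set sudoers_search_path to NULL where it used to hold a copy of `path`. The commit message says that variable is shared with the lexer, so a syntax check may behave differently. Adding `parser_conf.sudoers_path = path;` immediately before the call would preserve the old behaviour and keep the function independent of what main() did earlier.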