diff options
Diffstat (limited to 'parse.c')
-rw-r--r-- | parse.c | 12 |
1 files changed, 8 insertions, 4 deletions
@@ -211,13 +211,15 @@ int command_matches(cmnd, user_args, path, sudoers_args) struct stat pst; DIR *dirp; struct dirent *dent; - char buf[MAXPATHLEN+1]; + char buf[MAXPATHLEN]; static char *c; /* don't bother with pseudo commands like "validate" */ if (strchr(cmnd, '/') == NULL) return(FALSE); + plen = strlen(path); + /* only need to stat cmnd once since it never changes */ if (cmnd_st.st_dev == 0) { if (stat(cmnd, &cmnd_st) < 0) @@ -249,7 +251,6 @@ int command_matches(cmnd, user_args, path, sudoers_args) else return(FALSE); } else { - plen = strlen(path); if (path[plen - 1] != '/') { #ifdef FAST_MATCH char *p; @@ -291,6 +292,9 @@ int command_matches(cmnd, user_args, path, sudoers_args) return(FALSE); while ((dent = readdir(dirp)) != NULL) { + /* ignore paths > MAXPATHLEN (XXX - log) */ + if (plen + strlen(dent->d_name) >= sizeof(buf)) + continue; strcpy(buf, path); strcat(buf, dent->d_name); #ifdef FAST_MATCH @@ -404,13 +408,13 @@ int netgr_matches(netgr, host, user) #ifdef HAVE_GETDOMAINNAME /* get the domain name (if any) */ if (domain == (char *) -1) { - if ((domain = (char *) malloc(MAXHOSTNAMELEN + 1)) == NULL) { + if ((domain = (char *) malloc(MAXHOSTNAMELEN)) == NULL) { perror("malloc"); (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); exit(1); } - if (getdomainname(domain, MAXHOSTNAMELEN + 1) != 0 || *domain == '\0') { + if (getdomainname(domain, MAXHOSTNAMELEN) != 0 || *domain == '\0') { (void) free(domain); domain = NULL; } |