mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 09:57:41 +00:00
Code Issues Releases Wiki Activity

Fix some warnings from pvs-studio

Browse Source
This commit is contained in:
Todd C. Miller 2020-08-12 13:45:09 -06:00
parent fb8ed8ba66
commit 961a4afe67
45 changed files with 330 additions and 314 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile.in
View File

@ -101,7 +101,7 @@ SPLINT_OPTS = -D__restrict= -checks
# Default PVS-studio options when run from the top-level Makefile # Default PVS-studio options when run from the top-level Makefile
PVS_CFG = $(top_builddir)/PVS-Studio.cfg PVS_CFG = $(top_builddir)/PVS-Studio.cfg
PVS_IGNORE = 'V707,V011,V002,V536' PVS_IGNORE = 'V707,V011,V002,V536,V568'
PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE) PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE)
all: config.status all: config.status

46
lib/iolog/iolog_fileio.c
View File

@ -121,23 +121,21 @@ iolog_mkdirs(char *path)
mode_t omask; mode_t omask;
struct stat sb; struct stat sb;
int dfd; int dfd;
bool ok = false, uid_changed = false; bool ok = true, uid_changed = false;
debug_decl(iolog_mkdirs, SUDO_DEBUG_UTIL); debug_decl(iolog_mkdirs, SUDO_DEBUG_UTIL);
if ((dfd = open(path, O_RDONLY|O_NONBLOCK)) != -1) dfd = open(path, O_RDONLY|O_NONBLOCK);
ok = true; if (dfd == -1 && errno == EACCES) {
if (!ok && errno == EACCES) {
/* Try again as the I/O log owner (for NFS). */ /* Try again as the I/O log owner (for NFS). */
if (io_swapids(false)) { if (io_swapids(false)) {
if ((dfd = open(path, O_RDONLY|O_NONBLOCK)) != -1) dfd = open(path, O_RDONLY|O_NONBLOCK);
ok = true; if (!io_swapids(true)) {
if (!io_swapids(true))
ok = false; ok = false;
goto done;
}
} }
} }
if (ok && fstat(dfd, &sb) == -1) if (dfd != -1 && fstat(dfd, &sb) != -1) {
ok = false;
if (ok) {
if (S_ISDIR(sb.st_mode)) { if (S_ISDIR(sb.st_mode)) {
if (sb.st_uid != iolog_uid || sb.st_gid != iolog_gid) { if (sb.st_uid != iolog_uid || sb.st_gid != iolog_gid) {
if (fchown(dfd, iolog_uid, iolog_gid) != 0) { if (fchown(dfd, iolog_uid, iolog_gid) != 0) {
@ -473,21 +471,19 @@ iolog_nextid(char *iolog_dir, char sessid[7])
} }
/* Read current seq number (base 36). */ /* Read current seq number (base 36). */
if (id == 0) { nread = read(fd, buf, sizeof(buf) - 1);
nread = read(fd, buf, sizeof(buf) - 1); if (nread != 0) {
if (nread != 0) { if (nread == -1) {
if (nread == -1) { goto done;
goto done; }
} if (buf[nread - 1] == '\n')
if (buf[nread - 1] == '\n') nread--;
nread--; buf[nread] = '\0';
buf[nread] = '\0'; id = strtoul(buf, &ep, 36);
id = strtoul(buf, &ep, 36); if (ep == buf || *ep != '\0' || id >= sessid_max) {
if (ep == buf || *ep != '\0' || id >= sessid_max) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "%s: bad sequence number: %s", pathbuf, buf);
"%s: bad sequence number: %s", pathbuf, buf); id = 0;
id = 0;
}
} }
} }
id++; id++;

26
lib/iolog/iolog_json.c
View File

@ -301,14 +301,14 @@ json_parse_string(char **strp)
end++; end++;
} }
if (*end != '"') { if (*end != '"') {
sudo_warnx(U_("missing double quote in name")); sudo_warnx("%s", U_("missing double quote in name"));
debug_return_str(NULL); debug_return_str(NULL);
} }
len = (size_t)(end - src); len = (size_t)(end - src);
/* Copy string, flattening escaped chars. */ /* Copy string, flattening escaped chars. */
dst = ret = malloc(len + 1); dst = ret = malloc(len + 1);
if (ret == NULL) if (dst == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
while (src < end) { while (src < end) {
char ch = *src++; char ch = *src++;
@ -603,7 +603,7 @@ iolog_parse_json(FILE *fp, const char *filename, struct json_object *root)
cp++; cp++;
if (stack.depth == 0 || frame->parent == NULL || if (stack.depth == 0 || frame->parent == NULL ||
frame->parent->type != JSON_OBJECT) { frame->parent->type != JSON_OBJECT) {
sudo_warnx(U_("unmatched close brace")); sudo_warnx("%s", U_("unmatched close brace"));
goto parse_error; goto parse_error;
} }
frame = stack.frames[--stack.depth]; frame = stack.frames[--stack.depth];
@ -612,7 +612,7 @@ iolog_parse_json(FILE *fp, const char *filename, struct json_object *root)
cp++; cp++;
if (frame->parent == NULL) { if (frame->parent == NULL) {
/* Must have an enclosing object. */ /* Must have an enclosing object. */
sudo_warnx(U_("unexpected array")); sudo_warnx("%s", U_("unexpected array"));
goto parse_error; goto parse_error;
} }
frame = json_stack_push(&stack, &frame->items, frame, frame = json_stack_push(&stack, &frame->items, frame,
@ -625,7 +625,7 @@ iolog_parse_json(FILE *fp, const char *filename, struct json_object *root)
cp++; cp++;
if (stack.depth == 0 || frame->parent == NULL || if (stack.depth == 0 || frame->parent == NULL ||
frame->parent->type != JSON_ARRAY) { frame->parent->type != JSON_ARRAY) {
sudo_warnx(U_("unmatched close bracket")); sudo_warnx("%s", U_("unmatched close bracket"));
goto parse_error; goto parse_error;
} }
frame = stack.frames[--stack.depth]; frame = stack.frames[--stack.depth];
@ -633,7 +633,7 @@ iolog_parse_json(FILE *fp, const char *filename, struct json_object *root)
case '"': case '"':
if (frame->parent == NULL) { if (frame->parent == NULL) {
/* Must have an enclosing object. */ /* Must have an enclosing object. */
sudo_warnx(U_("unexpected string")); sudo_warnx("%s", U_("unexpected string"));
goto parse_error; goto parse_error;
} }
@ -643,7 +643,7 @@ iolog_parse_json(FILE *fp, const char *filename, struct json_object *root)
goto parse_error; goto parse_error;
/* TODO: allow colon on next line? */ /* TODO: allow colon on next line? */
if (*cp++ != ':') { if (*cp++ != ':') {
sudo_warnx(U_("missing colon after name")); sudo_warnx("%s", U_("missing colon after name"));
goto parse_error; goto parse_error;
} }
} else { } else {
@ -654,7 +654,7 @@ iolog_parse_json(FILE *fp, const char *filename, struct json_object *root)
break; break;
case 't': case 't':
if (!expect_value) { if (!expect_value) {
sudo_warnx(U_("unexpected boolean")); sudo_warnx("%s", U_("unexpected boolean"));
goto parse_error; goto parse_error;
} }
if (strncmp(cp, "true", sizeof("true") - 1) != 0) if (strncmp(cp, "true", sizeof("true") - 1) != 0)
@ -669,7 +669,7 @@ iolog_parse_json(FILE *fp, const char *filename, struct json_object *root)
break; break;
case 'f': case 'f':
if (!expect_value) { if (!expect_value) {
sudo_warnx(U_("unexpected boolean")); sudo_warnx("%s", U_("unexpected boolean"));
goto parse_error; goto parse_error;
} }
if (strncmp(cp, "false", sizeof("false") - 1) != 0) if (strncmp(cp, "false", sizeof("false") - 1) != 0)
@ -684,7 +684,7 @@ iolog_parse_json(FILE *fp, const char *filename, struct json_object *root)
break; break;
case 'n': case 'n':
if (!expect_value) { if (!expect_value) {
sudo_warnx(U_("unexpected boolean")); sudo_warnx("%s", U_("unexpected boolean"));
goto parse_error; goto parse_error;
} }
if (strncmp(cp, "null", sizeof("null") - 1) != 0) if (strncmp(cp, "null", sizeof("null") - 1) != 0)
@ -700,7 +700,7 @@ iolog_parse_json(FILE *fp, const char *filename, struct json_object *root)
case '+': case '-': case '0': case '1': case '2': case '3': case '+': case '-': case '0': case '1': case '2': case '3':
case '4': case '5': case '6': case '7': case '8': case '9': case '4': case '5': case '6': case '7': case '8': case '9':
if (!expect_value) { if (!expect_value) {
sudo_warnx(U_("unexpected number")); sudo_warnx("%s", U_("unexpected number"));
goto parse_error; goto parse_error;
} }
/* XXX - strtonumx() would be simpler here. */ /* XXX - strtonumx() would be simpler here. */
@ -727,9 +727,9 @@ iolog_parse_json(FILE *fp, const char *filename, struct json_object *root)
if (stack.depth != 0) { if (stack.depth != 0) {
frame = stack.frames[stack.depth - 1]; frame = stack.frames[stack.depth - 1];
if (frame->parent == NULL || frame->parent->type == JSON_OBJECT) if (frame->parent == NULL || frame->parent->type == JSON_OBJECT)
sudo_warnx(U_("unmatched close brace")); sudo_warnx("%s", U_("unmatched close brace"));
else else
sudo_warnx(U_("unmatched close bracket")); sudo_warnx("%s", U_("unmatched close bracket"));
goto parse_error; goto parse_error;
} }

6
lib/util/aix.c
View File

@ -86,7 +86,7 @@ aix_setlimits(char *user)
debug_decl(aix_setlimits, SUDO_DEBUG_UTIL); debug_decl(aix_setlimits, SUDO_DEBUG_UTIL);
if (setuserdb(S_READ) != 0) { if (setuserdb(S_READ) != 0) {
sudo_warn(U_("unable to open userdb")); sudo_warn("%s", U_("unable to open userdb"));
debug_return_int(-1); debug_return_int(-1);
} }
@ -166,7 +166,7 @@ aix_getauthregistry_v1(char *user, char *saved_registry)
char *registry; char *registry;
if (setuserdb(S_READ) != 0) { if (setuserdb(S_READ) != 0) {
sudo_warn(U_("unable to open userdb")); sudo_warn("%s", U_("unable to open userdb"));
goto done; goto done;
} }
ret = getuserattr(user, S_REGISTRY, &registry, SEC_CHAR); ret = getuserattr(user, S_REGISTRY, &registry, SEC_CHAR);
@ -246,7 +246,7 @@ aix_restoreauthdb_v1(void)
debug_decl(aix_setauthdb, SUDO_DEBUG_UTIL); debug_decl(aix_setauthdb, SUDO_DEBUG_UTIL);
if (setauthdb(old_registry, NULL) != 0) { if (setauthdb(old_registry, NULL) != 0) {
sudo_warn(U_("unable to restore registry")); sudo_warn("%s", U_("unable to restore registry"));
ret = -1; ret = -1;
} else { } else {
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,

1
lib/util/sudo_debug.c
View File

@ -160,7 +160,6 @@ sudo_debug_new_output(struct sudo_debug_instance *instance,
output->filename = strdup(debug_file->debug_file); output->filename = strdup(debug_file->debug_file);
if (output->filename == NULL) if (output->filename == NULL)
goto oom; goto oom;
output->fd = -1;
/* Init per-subsystems settings to -1 since 0 is a valid priority. */ /* Init per-subsystems settings to -1 since 0 is a valid priority. */
for (j = 0; j <= instance->max_subsystem; j++) for (j = 0; j <= instance->max_subsystem; j++)

14
logsrvd/logsrvd.c
View File

@ -1488,7 +1488,7 @@ new_connection(int sock, bool tls, const struct sockaddr *sa,
sizeof(closure->ipaddr)); sizeof(closure->ipaddr));
#endif /* HAVE_STRUCT_IN6_ADDR */ #endif /* HAVE_STRUCT_IN6_ADDR */
} else { } else {
sudo_fatal(U_("unable to get remote IP addr")); sudo_fatal("%s", U_("unable to get remote IP addr"));
goto bad; goto bad;
} }
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
@ -1524,7 +1524,7 @@ new_connection(int sock, bool tls, const struct sockaddr *sa,
/* Enable SSL_accept to begin handshake with client. */ /* Enable SSL_accept to begin handshake with client. */
if (sudo_ev_add(evbase, closure->ssl_accept_ev, if (sudo_ev_add(evbase, closure->ssl_accept_ev,
logsrvd_conf_get_sock_timeout(), false) == -1) { logsrvd_conf_get_sock_timeout(), false) == -1) {
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
goto bad; goto bad;
} }
} }
@ -1646,7 +1646,7 @@ register_listener(struct listen_address *addr, struct sudo_event_base *evbase)
if (l->ev == NULL) if (l->ev == NULL)
sudo_fatal(NULL); sudo_fatal(NULL);
if (sudo_ev_add(evbase, l->ev, NULL, false) == -1) if (sudo_ev_add(evbase, l->ev, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
TAILQ_INSERT_TAIL(&listeners, l, entries); TAILQ_INSERT_TAIL(&listeners, l, entries);
debug_return_bool(true); debug_return_bool(true);
@ -1700,7 +1700,7 @@ server_reload(struct sudo_event_base *base)
if (logsrvd_conf_read(conf_file)) { if (logsrvd_conf_read(conf_file)) {
/* Re-initialize listeners and TLS context. */ /* Re-initialize listeners and TLS context. */
if (!server_setup(base)) if (!server_setup(base))
sudo_fatalx(U_("unable setup listen socket")); sudo_fatalx("%s", U_("unable setup listen socket"));
/* Re-initialize debugging. */ /* Re-initialize debugging. */
if (sudo_conf_read(NULL, SUDO_CONF_DEBUG) != -1) { if (sudo_conf_read(NULL, SUDO_CONF_DEBUG) != -1) {
@ -1746,7 +1746,7 @@ register_signal(int signo, struct sudo_event_base *base)
if (ev == NULL) if (ev == NULL)
sudo_fatal(NULL); sudo_fatal(NULL);
if (sudo_ev_add(base, ev, NULL, false) == -1) if (sudo_ev_add(base, ev, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
debug_return; debug_return;
} }
@ -1895,7 +1895,7 @@ main(int argc, char *argv[])
sudo_conf_debug_files(getprogname())); sudo_conf_debug_files(getprogname()));
if (protobuf_c_version_number() < 1003000) if (protobuf_c_version_number() < 1003000)
sudo_fatalx(U_("Protobuf-C version 1.3 or higher required")); sudo_fatalx("%s", U_("Protobuf-C version 1.3 or higher required"));
while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) { while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) {
switch (ch) { switch (ch) {
@ -1934,7 +1934,7 @@ main(int argc, char *argv[])
/* Initialize listeners and TLS context. */ /* Initialize listeners and TLS context. */
if (!server_setup(evbase)) if (!server_setup(evbase))
sudo_fatalx(U_("unable setup listen socket")); sudo_fatalx("%s", U_("unable setup listen socket"));
register_signal(SIGHUP, evbase); register_signal(SIGHUP, evbase);
register_signal(SIGINT, evbase); register_signal(SIGINT, evbase);

20
logsrvd/sendlog.c
View File

@ -183,7 +183,7 @@ connect_server(const char *host, const char *port)
if (*server_ip == '\0') { if (*server_ip == '\0') {
if (inet_ntop(res->ai_family, res->ai_addr, server_ip, if (inet_ntop(res->ai_family, res->ai_addr, server_ip,
sizeof(server_ip)) == NULL) { sizeof(server_ip)) == NULL) {
sudo_warnx(U_("unable to get server IP addr")); sudo_warnx("%s", U_("unable to get server IP addr"));
} }
} }
break; /* success */ break; /* success */
@ -1077,7 +1077,7 @@ server_msg_cb(int fd, int what, void *v)
} }
if (what == SUDO_EV_TIMEOUT) { if (what == SUDO_EV_TIMEOUT) {
sudo_warnx(U_("timeout reading from server")); sudo_warnx("%s", U_("timeout reading from server"));
goto bad; goto bad;
} }
@ -1106,7 +1106,7 @@ server_msg_cb(int fd, int what, void *v)
if (!sudo_ev_pending(closure->write_ev, SUDO_EV_WRITE, NULL)) { if (!sudo_ev_pending(closure->write_ev, SUDO_EV_WRITE, NULL)) {
/* Enable a temporary write event. */ /* Enable a temporary write event. */
if (sudo_ev_add(closure->evbase, closure->write_ev, NULL, false) == -1) { if (sudo_ev_add(closure->evbase, closure->write_ev, NULL, false) == -1) {
sudo_warnx(U_("unable to add event to queue")); sudo_warnx("%s", U_("unable to add event to queue"));
goto bad; goto bad;
} }
closure->temporary_write_event = true; closure->temporary_write_event = true;
@ -1219,7 +1219,7 @@ client_msg_cb(int fd, int what, void *v)
} }
if (what == SUDO_EV_TIMEOUT) { if (what == SUDO_EV_TIMEOUT) {
sudo_warnx(U_("timeout writing to server")); sudo_warnx("%s", U_("timeout writing to server"));
goto bad; goto bad;
} }
@ -1438,7 +1438,7 @@ tls_connect_cb(int sock, int what, void *v)
debug_decl(tls_connect_cb, SUDO_DEBUG_UTIL); debug_decl(tls_connect_cb, SUDO_DEBUG_UTIL);
if (what == SUDO_EV_TIMEOUT) { if (what == SUDO_EV_TIMEOUT) {
sudo_warnx(U_("TLS handshake timeout occurred")); sudo_warnx("%s", U_("TLS handshake timeout occurred"));
goto bad; goto bad;
} }
@ -1457,12 +1457,12 @@ tls_connect_cb(int sock, int what, void *v)
if (what != SUDO_EV_READ) { if (what != SUDO_EV_READ) {
if (sudo_ev_set(closure->tls_connect_ev, closure->sock, if (sudo_ev_set(closure->tls_connect_ev, closure->sock,
SUDO_EV_READ, tls_connect_cb, closure) == -1) { SUDO_EV_READ, tls_connect_cb, closure) == -1) {
sudo_warnx(U_("unable to set event")); sudo_warnx("%s", U_("unable to set event"));
goto bad; goto bad;
} }
} }
if (sudo_ev_add(evbase, closure->tls_connect_ev, &timeo, false) == -1) { if (sudo_ev_add(evbase, closure->tls_connect_ev, &timeo, false) == -1) {
sudo_warnx(U_("unable to add event to queue")); sudo_warnx("%s", U_("unable to add event to queue"));
goto bad; goto bad;
} }
break; break;
@ -1472,12 +1472,12 @@ tls_connect_cb(int sock, int what, void *v)
if (what != SUDO_EV_WRITE) { if (what != SUDO_EV_WRITE) {
if (sudo_ev_set(closure->tls_connect_ev, closure->sock, if (sudo_ev_set(closure->tls_connect_ev, closure->sock,
SUDO_EV_WRITE, tls_connect_cb, closure) == -1) { SUDO_EV_WRITE, tls_connect_cb, closure) == -1) {
sudo_warnx(U_("unable to set event")); sudo_warnx("%s", U_("unable to set event"));
goto bad; goto bad;
} }
} }
if (sudo_ev_add(evbase, closure->tls_connect_ev, &timeo, false) == -1) { if (sudo_ev_add(evbase, closure->tls_connect_ev, &timeo, false) == -1) {
sudo_warnx(U_("unable to add event to queue")); sudo_warnx("%s", U_("unable to add event to queue"));
goto bad; goto bad;
} }
break; break;
@ -1535,7 +1535,7 @@ tls_setup(struct client_closure *closure)
} }
if (sudo_ev_add(closure->evbase, closure->tls_connect_ev, NULL, false) == -1) { if (sudo_ev_add(closure->evbase, closure->tls_connect_ev, NULL, false) == -1) {
sudo_warnx(U_("unable to add event to queue")); sudo_warnx("%s", U_("unable to add event to queue"));
goto bad; goto bad;
} }

4
plugins/audit_json/audit_json.c
View File

@ -413,7 +413,7 @@ audit_write_exit_record(int exit_status, int error)
debug_decl(audit_write_exit_record, SUDO_DEBUG_PLUGIN); debug_decl(audit_write_exit_record, SUDO_DEBUG_PLUGIN);
if (sudo_gettime_real(&now) == -1) { if (sudo_gettime_real(&now) == -1) {
sudo_warn(U_("unable to read the clock")); sudo_warn("%s", U_("unable to read the clock"));
goto done; goto done;
} }
@ -498,7 +498,7 @@ audit_write_record(const char *audit_str, const char *plugin_name,
debug_decl(audit_write_record, SUDO_DEBUG_PLUGIN); debug_decl(audit_write_record, SUDO_DEBUG_PLUGIN);
if (sudo_gettime_real(&now) == -1) { if (sudo_gettime_real(&now) == -1) {
sudo_warn(U_("unable to read the clock")); sudo_warn("%s", U_("unable to read the clock"));
goto done; goto done;
} }

2
plugins/sudoers/auth/aix_auth.c
View File

@ -195,7 +195,7 @@ sudo_aix_change_password(const char *user)
switch (child = sudo_debug_fork()) { switch (child = sudo_debug_fork()) {
case -1: case -1:
/* error */ /* error */
sudo_warn(U_("unable to fork")); sudo_warn("%s", U_("unable to fork"));
break; break;
case 0: case 0:
/* child, run passwd(1) */ /* child, run passwd(1) */

10
plugins/sudoers/auth/fwtk.c
View File

@ -51,18 +51,18 @@ sudo_fwtk_init(struct passwd *pw, sudo_auth *auth)
debug_decl(sudo_fwtk_init, SUDOERS_DEBUG_AUTH); debug_decl(sudo_fwtk_init, SUDOERS_DEBUG_AUTH);
if ((confp = cfg_read("sudo")) == (Cfg *)-1) { if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
sudo_warnx(U_("unable to read fwtk config")); sudo_warnx("%s", U_("unable to read fwtk config"));
debug_return_int(AUTH_FATAL); debug_return_int(AUTH_FATAL);
} }
if (auth_open(confp)) { if (auth_open(confp)) {
sudo_warnx(U_("unable to connect to authentication server")); sudo_warnx("%s", U_("unable to connect to authentication server"));
debug_return_int(AUTH_FATAL); debug_return_int(AUTH_FATAL);
} }
/* Get welcome message from auth server */ /* Get welcome message from auth server */
if (auth_recv(resp, sizeof(resp))) { if (auth_recv(resp, sizeof(resp))) {
sudo_warnx(U_("lost connection to authentication server")); sudo_warnx("%s", U_("lost connection to authentication server"));
debug_return_int(AUTH_FATAL); debug_return_int(AUTH_FATAL);
} }
if (strncmp(resp, "Authsrv ready", 13) != 0) { if (strncmp(resp, "Authsrv ready", 13) != 0) {
@ -86,7 +86,7 @@ sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_c
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name); (void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
restart: restart:
if (auth_send(buf) || auth_recv(resp, sizeof(resp))) { if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
sudo_warnx(U_("lost connection to authentication server")); sudo_warnx("%s", U_("lost connection to authentication server"));
debug_return_int(AUTH_FATAL); debug_return_int(AUTH_FATAL);
} }
@ -118,7 +118,7 @@ restart:
/* Send the user's response to the server */ /* Send the user's response to the server */
(void) snprintf(buf, sizeof(buf), "response '%s'", pass); (void) snprintf(buf, sizeof(buf), "response '%s'", pass);
if (auth_send(buf) || auth_recv(resp, sizeof(resp))) { if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
sudo_warnx(U_("lost connection to authentication server")); sudo_warnx("%s", U_("lost connection to authentication server"));
error = AUTH_FATAL; error = AUTH_FATAL;
goto done; goto done;
} }

22
plugins/sudoers/auth/securid5.c
View File

@ -69,7 +69,7 @@ sudo_securid_init(struct passwd *pw, sudo_auth *auth)
if (AceInitialize() != SD_FALSE) if (AceInitialize() != SD_FALSE)
debug_return_int(AUTH_SUCCESS); debug_return_int(AUTH_SUCCESS);
sudo_warnx(U_("failed to initialise the ACE API library")); sudo_warnx("%s", U_("failed to initialise the ACE API library"));
debug_return_int(AUTH_FATAL); debug_return_int(AUTH_FATAL);
} }
@ -95,7 +95,7 @@ sudo_securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
/* Re-initialize SecurID every time. */ /* Re-initialize SecurID every time. */
if (SD_Init(sd) != ACM_OK) { if (SD_Init(sd) != ACM_OK) {
sudo_warnx(U_("unable to contact the SecurID server")); sudo_warnx("%s", U_("unable to contact the SecurID server"));
debug_return_int(AUTH_FATAL); debug_return_int(AUTH_FATAL);
} }
@ -104,23 +104,23 @@ sudo_securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
switch (retval) { switch (retval) {
case ACM_OK: case ACM_OK:
sudo_warnx(U_("User ID locked for SecurID Authentication")); sudo_warnx("%s", U_("User ID locked for SecurID Authentication"));
debug_return_int(AUTH_SUCCESS); debug_return_int(AUTH_SUCCESS);
case ACE_UNDEFINED_USERNAME: case ACE_UNDEFINED_USERNAME:
sudo_warnx(U_("invalid username length for SecurID")); sudo_warnx("%s", U_("invalid username length for SecurID"));
debug_return_int(AUTH_FATAL); debug_return_int(AUTH_FATAL);
case ACE_ERR_INVALID_HANDLE: case ACE_ERR_INVALID_HANDLE:
sudo_warnx(U_("invalid Authentication Handle for SecurID")); sudo_warnx("%s", U_("invalid Authentication Handle for SecurID"));
debug_return_int(AUTH_FATAL); debug_return_int(AUTH_FATAL);
case ACM_ACCESS_DENIED: case ACM_ACCESS_DENIED:
sudo_warnx(U_("SecurID communication failed")); sudo_warnx("%s", U_("SecurID communication failed"));
debug_return_int(AUTH_FATAL); debug_return_int(AUTH_FATAL);
default: default:
sudo_warnx(U_("unknown SecurID error")); sudo_warnx("%s", U_("unknown SecurID error"));
debug_return_int(AUTH_FATAL); debug_return_int(AUTH_FATAL);
} }
} }
@ -154,17 +154,17 @@ sudo_securid_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_
break; break;
case ACE_UNDEFINED_PASSCODE: case ACE_UNDEFINED_PASSCODE:
sudo_warnx(U_("invalid passcode length for SecurID")); sudo_warnx("%s", U_("invalid passcode length for SecurID"));
ret = AUTH_FATAL; ret = AUTH_FATAL;
break; break;
case ACE_UNDEFINED_USERNAME: case ACE_UNDEFINED_USERNAME:
sudo_warnx(U_("invalid username length for SecurID")); sudo_warnx("%s", U_("invalid username length for SecurID"));
ret = AUTH_FATAL; ret = AUTH_FATAL;
break; break;
case ACE_ERR_INVALID_HANDLE: case ACE_ERR_INVALID_HANDLE:
sudo_warnx(U_("invalid Authentication Handle for SecurID")); sudo_warnx("%s", U_("invalid Authentication Handle for SecurID"));
ret = AUTH_FATAL; ret = AUTH_FATAL;
break; break;
@ -207,7 +207,7 @@ then enter the new token code.\n", \
break; break;
default: default:
sudo_warnx(U_("unknown SecurID error")); sudo_warnx("%s", U_("unknown SecurID error"));
ret = AUTH_FATAL; ret = AUTH_FATAL;
break; break;
} }

8
plugins/sudoers/bsm_audit.c
View File

@ -120,7 +120,7 @@ bsm_audit_success(char *const exec_args[])
if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) { if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED) if (errno == AUDIT_NOT_CONFIGURED)
debug_return_int(0); debug_return_int(0);
sudo_warn(U_("Could not determine audit condition")); sudo_warn("%s", U_("Could not determine audit condition"));
debug_return_int(-1); debug_return_int(-1);
} }
if (au_cond == AUC_NOAUDIT) if (au_cond == AUC_NOAUDIT)
@ -185,7 +185,7 @@ bsm_audit_success(char *const exec_args[])
if (au_close(aufd, 1, sudo_audit_event) == -1) if (au_close(aufd, 1, sudo_audit_event) == -1)
#endif #endif
{ {
sudo_warn(U_("unable to commit audit record")); sudo_warn("%s", U_("unable to commit audit record"));
debug_return_int(-1); debug_return_int(-1);
} }
debug_return_int(0); debug_return_int(0);
@ -211,7 +211,7 @@ bsm_audit_failure(char *const exec_args[], const char *errmsg)
if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) { if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED) if (errno == AUDIT_NOT_CONFIGURED)
debug_return_int(0); debug_return_int(0);
sudo_warn(U_("Could not determine audit condition")); sudo_warn("%s", U_("Could not determine audit condition"));
debug_return_int(-1); debug_return_int(-1);
} }
if (au_cond == AUC_NOAUDIT) if (au_cond == AUC_NOAUDIT)
@ -274,7 +274,7 @@ bsm_audit_failure(char *const exec_args[], const char *errmsg)
if (au_close(aufd, 1, sudo_audit_event) == -1) if (au_close(aufd, 1, sudo_audit_event) == -1)
#endif #endif
{ {
sudo_warn(U_("unable to commit audit record")); sudo_warn("%s", U_("unable to commit audit record"));
debug_return_int(-1); debug_return_int(-1);
} }
debug_return_int(0); debug_return_int(0);

2
plugins/sudoers/cvtsudoers.c
View File

@ -327,7 +327,7 @@ main(int argc, char *argv[])
/* Setup defaults data structures. */ /* Setup defaults data structures. */
if (!init_defaults()) if (!init_defaults())
sudo_fatalx(U_("unable to initialize sudoers default values")); sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
switch (input_format) { switch (input_format) {
case format_ldif: case format_ldif:

8
plugins/sudoers/cvtsudoers_json.c
View File

@ -637,10 +637,10 @@ print_cmndspec_json(struct json_container *json,
} }
if (cs->notbefore != UNSPEC) { if (cs->notbefore != UNSPEC) {
if ((tp = gmtime(&cs->notbefore)) == NULL) { if ((tp = gmtime(&cs->notbefore)) == NULL) {
sudo_warn(U_("unable to get GMT time")); sudo_warn("%s", U_("unable to get GMT time"));
} else { } else {
if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) { if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) {
sudo_warnx(U_("unable to format timestamp")); sudo_warnx("%s", U_("unable to format timestamp"));
} else { } else {
value.type = JSON_STRING; value.type = JSON_STRING;
value.u.string = timebuf; value.u.string = timebuf;
@ -650,10 +650,10 @@ print_cmndspec_json(struct json_container *json,
} }
if (cs->notafter != UNSPEC) { if (cs->notafter != UNSPEC) {
if ((tp = gmtime(&cs->notafter)) == NULL) { if ((tp = gmtime(&cs->notafter)) == NULL) {
sudo_warn(U_("unable to get GMT time")); sudo_warn("%s", U_("unable to get GMT time"));
} else { } else {
if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) { if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) {
sudo_warnx(U_("unable to format timestamp")); sudo_warnx("%s", U_("unable to format timestamp"));
} else { } else {
value.type = JSON_STRING; value.type = JSON_STRING;
value.u.string = timebuf; value.u.string = timebuf;

10
plugins/sudoers/cvtsudoers_ldif.c
View File

@ -342,10 +342,10 @@ print_cmndspec_ldif(FILE *fp, struct sudoers_parse_tree *parse_tree,
/* Print sudoNotBefore and sudoNotAfter attributes */ /* Print sudoNotBefore and sudoNotAfter attributes */
if (cs->notbefore != UNSPEC) { if (cs->notbefore != UNSPEC) {
if ((tp = gmtime(&cs->notbefore)) == NULL) { if ((tp = gmtime(&cs->notbefore)) == NULL) {
sudo_warn(U_("unable to get GMT time")); sudo_warn("%s", U_("unable to get GMT time"));
} else { } else {
if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) { if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) {
sudo_warnx(U_("unable to format timestamp")); sudo_warnx("%s", U_("unable to format timestamp"));
} else { } else {
print_attribute_ldif(fp, "sudoNotBefore", timebuf); print_attribute_ldif(fp, "sudoNotBefore", timebuf);
} }
@ -353,10 +353,10 @@ print_cmndspec_ldif(FILE *fp, struct sudoers_parse_tree *parse_tree,
} }
if (cs->notafter != UNSPEC) { if (cs->notafter != UNSPEC) {
if ((tp = gmtime(&cs->notafter)) == NULL) { if ((tp = gmtime(&cs->notafter)) == NULL) {
sudo_warn(U_("unable to get GMT time")); sudo_warn("%s", U_("unable to get GMT time"));
} else { } else {
if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) { if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) {
sudo_warnx(U_("unable to format timestamp")); sudo_warnx("%s", U_("unable to format timestamp"));
} else { } else {
print_attribute_ldif(fp, "sudoNotAfter", timebuf); print_attribute_ldif(fp, "sudoNotAfter", timebuf);
} }
@ -672,7 +672,7 @@ convert_sudoers_ldif(struct sudoers_parse_tree *parse_tree,
debug_decl(convert_sudoers_ldif, SUDOERS_DEBUG_UTIL); debug_decl(convert_sudoers_ldif, SUDOERS_DEBUG_UTIL);
if (conf->sudoers_base == NULL) { if (conf->sudoers_base == NULL) {
sudo_fatalx(U_("the SUDOERS_BASE environment variable is not set and the -b option was not specified.")); sudo_fatalx("%s", U_("the SUDOERS_BASE environment variable is not set and the -b option was not specified."));
} }
if (output_file != NULL && strcmp(output_file, "-") != 0) { if (output_file != NULL && strcmp(output_file, "-") != 0) {

8
plugins/sudoers/env.c
View File

@ -400,8 +400,10 @@ sudo_putenv(char *str, bool dupcheck, bool overwrite)
ret = sudo_putenv_nodebug(str, dupcheck, overwrite); ret = sudo_putenv_nodebug(str, dupcheck, overwrite);
if (ret == -1) { if (ret == -1) {
#ifdef ENV_DEBUG #ifdef ENV_DEBUG
if (env.envp[env.env_len] != NULL) if (env.envp[env.env_len] != NULL) {
sudo_warnx(U_("sudo_putenv: corrupted envp, length mismatch")); sudo_warnx("%s",
U_("sudo_putenv: corrupted envp, length mismatch"));
}
#endif #endif
} }
debug_return_int(ret); debug_return_int(ret);
@ -1128,7 +1130,7 @@ rebuild_env(void)
debug_return_bool(true); debug_return_bool(true);
bad: bad:
sudo_warn(U_("unable to rebuild the environment")); sudo_warn("%s", U_("unable to rebuild the environment"));
debug_return_bool(false); debug_return_bool(false);
} }

8
plugins/sudoers/iolog.c
View File

@ -628,7 +628,7 @@ sudoers_io_open_remote(struct timespec *now)
/* Connect to log server. */ /* Connect to log server. */
if (!log_server_connect(client_closure)) { if (!log_server_connect(client_closure)) {
/* TODO: support offline logs if server unreachable */ /* TODO: support offline logs if server unreachable */
sudo_warnx(U_("unable to connect to log server")); sudo_warnx("%s", U_("unable to connect to log server"));
goto done; goto done;
} }
@ -918,7 +918,7 @@ sudoers_io_log_remote(int event, const char *buf, unsigned int len,
ret = client_closure->write_ev->add(client_closure->write_ev, ret = client_closure->write_ev->add(client_closure->write_ev,
&iolog_details.server_timeout); &iolog_details.server_timeout);
if (ret == -1) if (ret == -1)
sudo_warn(U_("unable to add event to queue")); sudo_warn("%s", U_("unable to add event to queue"));
} }
done: done:
@ -1051,7 +1051,7 @@ sudoers_io_change_winsize_remote(unsigned int lines, unsigned int cols,
ret = client_closure->write_ev->add(client_closure->write_ev, ret = client_closure->write_ev->add(client_closure->write_ev,
&iolog_details.server_timeout); &iolog_details.server_timeout);
if (ret == -1) if (ret == -1)
sudo_warn(U_("unable to add event to queue")); sudo_warn("%s", U_("unable to add event to queue"));
} }
debug_return_int(ret); debug_return_int(ret);
@ -1149,7 +1149,7 @@ sudoers_io_suspend_remote(const char *signame, struct timespec *delay,
ret = client_closure->write_ev->add(client_closure->write_ev, ret = client_closure->write_ev->add(client_closure->write_ev,
&iolog_details.server_timeout); &iolog_details.server_timeout);
if (ret == -1) if (ret == -1)
sudo_warn(U_("unable to add event to queue")); sudo_warn("%s", U_("unable to add event to queue"));
} }
debug_return_int(ret); debug_return_int(ret);

38
plugins/sudoers/iolog_client.c
View File

@ -105,11 +105,11 @@ timed_connect(int sock, const struct sockaddr *addr, socklen_t addrlen,
goto done; goto done;
} }
if (sudo_ev_add(evbase, connect_event, timo, false) == -1) { if (sudo_ev_add(evbase, connect_event, timo, false) == -1) {
sudo_warnx(U_("unable to add event to queue")); sudo_warnx("%s", U_("unable to add event to queue"));
goto done; goto done;
} }
if (sudo_ev_dispatch(evbase) == -1) { if (sudo_ev_dispatch(evbase) == -1) {
sudo_warn(U_("error in event loop")); sudo_warn("%s", U_("error in event loop"));
goto done; goto done;
} }
if (errnum == 0) if (errnum == 0)
@ -293,7 +293,7 @@ tls_connect_cb(int sock, int what, void *v)
debug_decl(tls_connect_cb, SUDOERS_DEBUG_UTIL); debug_decl(tls_connect_cb, SUDOERS_DEBUG_UTIL);
if (what == SUDO_PLUGIN_EV_TIMEOUT) { if (what == SUDO_PLUGIN_EV_TIMEOUT) {
sudo_warnx(U_("TLS handshake timeout occurred")); sudo_warnx("%s", U_("TLS handshake timeout occurred"));
goto bad; goto bad;
} }
@ -315,13 +315,13 @@ tls_connect_cb(int sock, int what, void *v)
if (what != SUDO_EV_READ) { if (what != SUDO_EV_READ) {
if (sudo_ev_set(closure->tls_connect_ev, sock, if (sudo_ev_set(closure->tls_connect_ev, sock,
SUDO_EV_READ, tls_connect_cb, closure) == -1) { SUDO_EV_READ, tls_connect_cb, closure) == -1) {
sudo_warnx(U_("unable to set event")); sudo_warnx("%s", U_("unable to set event"));
goto bad; goto bad;
} }
} }
if (sudo_ev_add(closure->evbase, closure->tls_connect_ev, if (sudo_ev_add(closure->evbase, closure->tls_connect_ev,
&timeo, false) == -1) { &timeo, false) == -1) {
sudo_warnx(U_("unable to add event to queue")); sudo_warnx("%s", U_("unable to add event to queue"));
goto bad; goto bad;
} }
break; break;
@ -331,13 +331,13 @@ tls_connect_cb(int sock, int what, void *v)
if (what != SUDO_EV_WRITE) { if (what != SUDO_EV_WRITE) {
if (sudo_ev_set(closure->tls_connect_ev, sock, if (sudo_ev_set(closure->tls_connect_ev, sock,
SUDO_EV_WRITE, tls_connect_cb, closure) == -1) { SUDO_EV_WRITE, tls_connect_cb, closure) == -1) {
sudo_warnx(U_("unable to set event")); sudo_warnx("%s", U_("unable to set event"));
goto bad; goto bad;
} }
} }
if (sudo_ev_add(closure->evbase, closure->tls_connect_ev, if (sudo_ev_add(closure->evbase, closure->tls_connect_ev,
&timeo, false) == -1) { &timeo, false) == -1) {
sudo_warnx(U_("unable to add event to queue")); sudo_warnx("%s", U_("unable to add event to queue"));
goto bad; goto bad;
} }
break; break;
@ -383,12 +383,12 @@ tls_timed_connect(SSL *ssl, const char *host, const char *port,
} }
if (sudo_ev_add(closure.evbase, closure.tls_connect_ev, timo, false) == -1) { if (sudo_ev_add(closure.evbase, closure.tls_connect_ev, timo, false) == -1) {
sudo_warnx(U_("unable to add event to queue")); sudo_warnx("%s", U_("unable to add event to queue"));
goto done; goto done;
} }
if (sudo_ev_dispatch(closure.evbase) == -1) { if (sudo_ev_dispatch(closure.evbase) == -1) {
sudo_warnx(U_("error in event loop")); sudo_warnx("%s", U_("error in event loop"));
goto done; goto done;
} }
@ -1146,7 +1146,7 @@ client_message_completion(struct client_closure *closure)
/* Enable timeout while waiting for final commit point. */ /* Enable timeout while waiting for final commit point. */
if (closure->read_ev->add(closure->read_ev, if (closure->read_ev->add(closure->read_ev,
&closure->log_details->server_timeout) == -1) { &closure->log_details->server_timeout) == -1) {
sudo_warn(U_("unable to add event to queue")); sudo_warn("%s", U_("unable to add event to queue"));
debug_return_bool(false); debug_return_bool(false);
} }
break; break;
@ -1182,7 +1182,7 @@ read_server_hello(struct client_closure *closure)
closure->write_ev->setbase(closure->write_ev, evbase); closure->write_ev->setbase(closure->write_ev, evbase);
if (closure->write_ev->add(closure->write_ev, if (closure->write_ev->add(closure->write_ev,
&closure->log_details->server_timeout) == -1) { &closure->log_details->server_timeout) == -1) {
sudo_warnx(U_("unable to add event to queue")); sudo_warnx("%s", U_("unable to add event to queue"));
goto done; goto done;
} }
@ -1190,13 +1190,13 @@ read_server_hello(struct client_closure *closure)
closure->read_ev->setbase(closure->read_ev, evbase); closure->read_ev->setbase(closure->read_ev, evbase);
if (closure->read_ev->add(closure->read_ev, if (closure->read_ev->add(closure->read_ev,
&closure->log_details->server_timeout) == -1) { &closure->log_details->server_timeout) == -1) {
sudo_warnx(U_("unable to add event to queue")); sudo_warnx("%s", U_("unable to add event to queue"));
goto done; goto done;
} }
/* Read/write hello messages synchronously. */ /* Read/write hello messages synchronously. */
if (sudo_ev_dispatch(evbase) == -1) { if (sudo_ev_dispatch(evbase) == -1) {
sudo_warnx(U_("error in event loop")); sudo_warnx("%s", U_("error in event loop"));
goto done; goto done;
} }
@ -1250,7 +1250,7 @@ handle_server_hello(ServerHello *msg, struct client_closure *closure)
*/ */
closure->read_ev->setbase(closure->read_ev, NULL); closure->read_ev->setbase(closure->read_ev, NULL);
if (closure->read_ev->add(closure->read_ev, NULL) == -1) { if (closure->read_ev->add(closure->read_ev, NULL) == -1) {
sudo_warn(U_("unable to add event to queue")); sudo_warn("%s", U_("unable to add event to queue"));
debug_return_bool(false); debug_return_bool(false);
} }
closure->write_ev->setbase(closure->write_ev, NULL); closure->write_ev->setbase(closure->write_ev, NULL);
@ -1357,7 +1357,7 @@ handle_server_message(uint8_t *buf, size_t len,
if ((ret = fmt_accept_message(closure))) { if ((ret = fmt_accept_message(closure))) {
if (closure->write_ev->add(closure->write_ev, if (closure->write_ev->add(closure->write_ev,
&closure->log_details->server_timeout) == -1) { &closure->log_details->server_timeout) == -1) {
sudo_warn(U_("unable to add event to queue")); sudo_warn("%s", U_("unable to add event to queue"));
ret = false; ret = false;
} }
} }
@ -1473,7 +1473,7 @@ server_msg_cb(int fd, int what, void *v)
SUDO_PLUGIN_EV_WRITE, NULL)) { SUDO_PLUGIN_EV_WRITE, NULL)) {
/* Enable a temporary write event. */ /* Enable a temporary write event. */
if (closure->write_ev->add(closure->write_ev, NULL) == -1) { if (closure->write_ev->add(closure->write_ev, NULL) == -1) {
sudo_warn(U_("unable to add event to queue")); sudo_warn("%s", U_("unable to add event to queue"));
goto bad; goto bad;
} }
closure->temporary_write_event = true; closure->temporary_write_event = true;
@ -1755,7 +1755,7 @@ client_close(struct client_closure *closure, int exit_status, int error)
closure->read_ev->setbase(closure->read_ev, evbase); closure->read_ev->setbase(closure->read_ev, evbase);
if (closure->read_ev->add(closure->read_ev, if (closure->read_ev->add(closure->read_ev,
&closure->log_details->server_timeout) == -1) { &closure->log_details->server_timeout) == -1) {
sudo_warn(U_("unable to add event to queue")); sudo_warn("%s", U_("unable to add event to queue"));
goto done; goto done;
} }
@ -1763,7 +1763,7 @@ client_close(struct client_closure *closure, int exit_status, int error)
closure->write_ev->setbase(closure->write_ev, evbase); closure->write_ev->setbase(closure->write_ev, evbase);
if (closure->write_ev->add(closure->write_ev, if (closure->write_ev->add(closure->write_ev,
&closure->log_details->server_timeout) == -1) { &closure->log_details->server_timeout) == -1) {
sudo_warn(U_("unable to add event to queue")); sudo_warn("%s", U_("unable to add event to queue"));
goto done; goto done;
} }
@ -1771,7 +1771,7 @@ client_close(struct client_closure *closure, int exit_status, int error)
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"flushing buffers and waiting for final commit point"); "flushing buffers and waiting for final commit point");
if (sudo_ev_dispatch(evbase) == -1 || sudo_ev_got_break(evbase)) { if (sudo_ev_dispatch(evbase) == -1 || sudo_ev_got_break(evbase)) {
sudo_warnx(U_("error in event loop")); sudo_warnx("%s", U_("error in event loop"));
goto done; goto done;
} }

9
plugins/sudoers/ldap.c
View File

@ -173,7 +173,7 @@ sudo_ldap_join_uri(struct ldap_config_str_list *uri_list)
STAILQ_FOREACH(uri, uri_list, entries) { STAILQ_FOREACH(uri, uri_list, entries) {
if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) { if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {
if (strncasecmp(uri->val, "ldaps://", 8) == 0) { if (strncasecmp(uri->val, "ldaps://", 8) == 0) {
sudo_warnx(U_("starttls not supported when using ldaps")); sudo_warnx("%s", U_("starttls not supported when using ldaps"));
ldap_conf.ssl_mode = SUDO_LDAP_SSL; ldap_conf.ssl_mode = SUDO_LDAP_SSL;
} }
} }
@ -499,13 +499,13 @@ sudo_ldap_timefilter(char *buffer, size_t buffersize)
/* Make sure we have a formatted timestamp for __now__. */ /* Make sure we have a formatted timestamp for __now__. */
time(&now); time(&now);
if ((tp = gmtime(&now)) == NULL) { if ((tp = gmtime(&now)) == NULL) {
sudo_warn(U_("unable to get GMT time")); sudo_warn("%s", U_("unable to get GMT time"));
goto done; goto done;
} }
/* Format the timestamp according to the RFC. */ /* Format the timestamp according to the RFC. */
if (strftime(timebuffer, sizeof(timebuffer), "%Y%m%d%H%M%S.0Z", tp) == 0) { if (strftime(timebuffer, sizeof(timebuffer), "%Y%m%d%H%M%S.0Z", tp) == 0) {
sudo_warnx(U_("unable to format timestamp")); sudo_warnx("%s", U_("unable to format timestamp"));
goto done; goto done;
} }
@ -1691,7 +1691,8 @@ sudo_ldap_open(struct sudo_nss *nss)
} }
DPRINTF1("ldap_start_tls_s_np() ok"); DPRINTF1("ldap_start_tls_s_np() ok");
#else #else
sudo_warnx(U_("start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()")); sudo_warnx("%s",
U_("start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"));
#endif /* !HAVE_LDAP_START_TLS_S && !HAVE_LDAP_START_TLS_S_NP */ #endif /* !HAVE_LDAP_START_TLS_S && !HAVE_LDAP_START_TLS_S_NP */
} }

6
plugins/sudoers/ldap_conf.c
View File

@ -197,7 +197,7 @@ sudo_ldap_conf_add_ports(void)
hostbuf[0] = '\0'; hostbuf[0] = '\0';
len = snprintf(defport, sizeof(defport), ":%d", ldap_conf.port); len = snprintf(defport, sizeof(defport), ":%d", ldap_conf.port);
if (len < 0 || len >= ssizeof(defport)) { if (len < 0 || len >= ssizeof(defport)) {
sudo_warnx(U_("sudo_ldap_conf_add_ports: port too large")); sudo_warnx(U_("%s: port too large"), __func__);
debug_return_bool(false); debug_return_bool(false);
} }
@ -284,11 +284,11 @@ sudo_ldap_parse_uri(const struct ldap_config_str_list *uri_list)
if (nldaps != 0) { if (nldaps != 0) {
if (nldap != 0) { if (nldap != 0) {
sudo_warnx(U_("unable to mix ldap and ldaps URIs")); sudo_warnx("%s", U_("unable to mix ldap and ldaps URIs"));
goto done; goto done;
} }
if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS)
sudo_warnx(U_("starttls not supported when using ldaps")); sudo_warnx("%s", U_("starttls not supported when using ldaps"));
ldap_conf.ssl_mode = SUDO_LDAP_SSL; ldap_conf.ssl_mode = SUDO_LDAP_SSL;
} }
free(buf); free(buf);

4
plugins/sudoers/linux_audit.c
View File

@ -55,7 +55,7 @@ linux_audit_open(void)
if (errno == EINVAL || errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT) if (errno == EINVAL || errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT)
au_fd = AUDIT_NOT_CONFIGURED; au_fd = AUDIT_NOT_CONFIGURED;
else else
sudo_warn(U_("unable to open audit system")); sudo_warn("%s", U_("unable to open audit system"));
} else { } else {
(void)fcntl(au_fd, F_SETFD, FD_CLOEXEC); (void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
} }
@ -98,7 +98,7 @@ linux_audit_command(char *const argv[], int result)
/* Log command, ignoring ECONNREFUSED on error. */ /* Log command, ignoring ECONNREFUSED on error. */
if (audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result) <= 0) { if (audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result) <= 0) {
if (errno != ECONNREFUSED) { if (errno != ECONNREFUSED) {
sudo_warn(U_("unable to send audit message")); sudo_warn("%s", U_("unable to send audit message"));
goto done; goto done;
} }
} }

2
plugins/sudoers/logging.c
View File

@ -780,7 +780,7 @@ send_mail(const char *fmt, ...)
switch (pid = sudo_debug_fork()) { switch (pid = sudo_debug_fork()) {
case -1: case -1:
/* Error. */ /* Error. */
sudo_warn(U_("unable to fork")); sudo_warn("%s", U_("unable to fork"));
debug_return_bool(false); debug_return_bool(false);
break; break;
case 0: case 0:

10
plugins/sudoers/parse.c
View File

@ -442,9 +442,9 @@ display_priv_long(struct sudoers_parse_tree *parse_tree, struct passwd *pw,
sudo_lbuf_append(lbuf, _("\nLDAP Role: %s\n"), sudo_lbuf_append(lbuf, _("\nLDAP Role: %s\n"),
priv->ldap_role); priv->ldap_role);
} else { } else {
sudo_lbuf_append(lbuf, _("\nSudoers entry:\n")); sudo_lbuf_append(lbuf, "%s", _("\nSudoers entry:\n"));
} }
sudo_lbuf_append(lbuf, _(" RunAsUsers: ")); sudo_lbuf_append(lbuf, "%s", _(" RunAsUsers: "));
if (cs->runasuserlist != NULL) { if (cs->runasuserlist != NULL) {
TAILQ_FOREACH(m, cs->runasuserlist, entries) { TAILQ_FOREACH(m, cs->runasuserlist, entries) {
if (m != TAILQ_FIRST(cs->runasuserlist)) if (m != TAILQ_FIRST(cs->runasuserlist))
@ -459,7 +459,7 @@ display_priv_long(struct sudoers_parse_tree *parse_tree, struct passwd *pw,
} }
sudo_lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
if (cs->runasgrouplist != NULL) { if (cs->runasgrouplist != NULL) {
sudo_lbuf_append(lbuf, _(" RunAsGroups: ")); sudo_lbuf_append(lbuf, "%s", _(" RunAsGroups: "));
TAILQ_FOREACH(m, cs->runasgrouplist, entries) { TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
if (m != TAILQ_FIRST(cs->runasgrouplist)) if (m != TAILQ_FIRST(cs->runasgrouplist))
sudo_lbuf_append(lbuf, ", "); sudo_lbuf_append(lbuf, ", ");
@ -469,7 +469,7 @@ display_priv_long(struct sudoers_parse_tree *parse_tree, struct passwd *pw,
sudo_lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
} }
olen = lbuf->len; olen = lbuf->len;
sudo_lbuf_append(lbuf, _(" Options: ")); sudo_lbuf_append(lbuf, "%s", _(" Options: "));
TAILQ_FOREACH(d, &priv->defaults, entries) { TAILQ_FOREACH(d, &priv->defaults, entries) {
sudoers_format_default(lbuf, d); sudoers_format_default(lbuf, d);
sudo_lbuf_append(lbuf, ", "); sudo_lbuf_append(lbuf, ", ");
@ -519,7 +519,7 @@ display_priv_long(struct sudoers_parse_tree *parse_tree, struct passwd *pw,
if (strftime(buf, sizeof(buf), "%Y%m%d%H%M%SZ", tm) != 0) if (strftime(buf, sizeof(buf), "%Y%m%d%H%M%SZ", tm) != 0)
sudo_lbuf_append(lbuf, " NotAfter: %s\n", buf); sudo_lbuf_append(lbuf, " NotAfter: %s\n", buf);
} }
sudo_lbuf_append(lbuf, _(" Commands:\n")); sudo_lbuf_append(lbuf, "%s", _(" Commands:\n"));
} }
sudo_lbuf_append(lbuf, "\t"); sudo_lbuf_append(lbuf, "\t");
sudoers_format_member(lbuf, parse_tree, cs->cmnd, "\n\t", sudoers_format_member(lbuf, parse_tree, cs->cmnd, "\n\t",

10
plugins/sudoers/policy.c
View File

@ -278,7 +278,7 @@ sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group)
if (MATCHES(*cur, "network_addrs=")) { if (MATCHES(*cur, "network_addrs=")) {
interfaces_string = *cur + sizeof("network_addrs=") - 1; interfaces_string = *cur + sizeof("network_addrs=") - 1;
if (!set_interfaces(interfaces_string)) { if (!set_interfaces(interfaces_string)) {
sudo_warn(U_("unable to parse network address list")); sudo_warn("%s", U_("unable to parse network address list"));
goto bad; goto bad;
} }
continue; continue;
@ -423,19 +423,19 @@ sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group)
/* User name, user-ID, group-ID and host name must be specified. */ /* User name, user-ID, group-ID and host name must be specified. */
if (user_name == NULL) { if (user_name == NULL) {
sudo_warnx(U_("user name not set by sudo front-end")); sudo_warnx("%s", U_("user name not set by sudo front-end"));
goto bad; goto bad;
} }
if (user_uid == (uid_t)-1) { if (user_uid == (uid_t)-1) {
sudo_warnx(U_("user-ID not set by sudo front-end")); sudo_warnx("%s", U_("user-ID not set by sudo front-end"));
goto bad; goto bad;
} }
if (user_gid == (gid_t)-1) { if (user_gid == (gid_t)-1) {
sudo_warnx(U_("group-ID not set by sudo front-end")); sudo_warnx("%s", U_("group-ID not set by sudo front-end"));
goto bad; goto bad;
} }
if (user_host == NULL) { if (user_host == NULL) {
sudo_warnx(U_("host name not set by sudo front-end")); sudo_warnx("%s", U_("host name not set by sudo front-end"));
goto bad; goto bad;
} }

10
plugins/sudoers/set_perms.c
View File

@ -369,7 +369,7 @@ restore_perms(void)
debug_decl(restore_perms, SUDOERS_DEBUG_PERMS); debug_decl(restore_perms, SUDOERS_DEBUG_PERMS);
if (perm_stack_depth < 2) { if (perm_stack_depth < 2) {
sudo_warnx(U_("perm stack underflow")); sudo_warnx("%s", U_("perm stack underflow"));
debug_return_bool(true); debug_return_bool(true);
} }
@ -708,7 +708,7 @@ restore_perms(void)
debug_decl(restore_perms, SUDOERS_DEBUG_PERMS); debug_decl(restore_perms, SUDOERS_DEBUG_PERMS);
if (perm_stack_depth < 2) { if (perm_stack_depth < 2) {
sudo_warnx(U_("perm stack underflow")); sudo_warnx("%s", U_("perm stack underflow"));
debug_return_bool(true); debug_return_bool(true);
} }
@ -1071,7 +1071,7 @@ restore_perms(void)
debug_decl(restore_perms, SUDOERS_DEBUG_PERMS); debug_decl(restore_perms, SUDOERS_DEBUG_PERMS);
if (perm_stack_depth < 2) { if (perm_stack_depth < 2) {
sudo_warnx(U_("perm stack underflow")); sudo_warnx("%s", U_("perm stack underflow"));
debug_return_bool(true); debug_return_bool(true);
} }
@ -1374,7 +1374,7 @@ restore_perms(void)
debug_decl(restore_perms, SUDOERS_DEBUG_PERMS); debug_decl(restore_perms, SUDOERS_DEBUG_PERMS);
if (perm_stack_depth < 2) { if (perm_stack_depth < 2) {
sudo_warnx(U_("perm stack underflow")); sudo_warnx("%s", U_("perm stack underflow"));
debug_return_bool(true); debug_return_bool(true);
} }
@ -1539,7 +1539,7 @@ restore_perms(void)
debug_decl(restore_perms, SUDOERS_DEBUG_PERMS); debug_decl(restore_perms, SUDOERS_DEBUG_PERMS);
if (perm_stack_depth < 2) { if (perm_stack_depth < 2) {
sudo_warnx(U_("perm stack underflow")); sudo_warnx("%s", U_("perm stack underflow"));
debug_return_bool(true); debug_return_bool(true);
} }

3
plugins/sudoers/sssd.c
View File

@ -570,7 +570,8 @@ sudo_sss_open(struct sudo_nss *nss)
const char *errstr = sudo_dso_strerror(); const char *errstr = sudo_dso_strerror();
sudo_warnx(U_("unable to load %s: %s"), path, sudo_warnx(U_("unable to load %s: %s"), path,
errstr ? errstr : "unknown error"); errstr ? errstr : "unknown error");
sudo_warnx(U_("unable to initialize SSS source. Is SSSD installed on your machine?")); sudo_warnx("%s",
U_("unable to initialize SSS source. Is SSSD installed on your machine?"));
free(handle); free(handle);
debug_return_int(EFAULT); debug_return_int(EFAULT);
} }

19
plugins/sudoers/sudoers.c
View File

@ -177,7 +177,7 @@ sudoers_init(void *info, char * const envp[])
/* Setup defaults data structures. */ /* Setup defaults data structures. */
if (!init_defaults()) { if (!init_defaults()) {
sudo_warnx(U_("unable to initialize sudoers default values")); sudo_warnx("%s", U_("unable to initialize sudoers default values"));
debug_return_int(-1); debug_return_int(-1);
} }
@ -217,7 +217,7 @@ sudoers_init(void *info, char * const envp[])
} }
} }
if (sources == 0) { if (sources == 0) {
sudo_warnx(U_("no valid sudoers sources found, quitting")); sudo_warnx("%s", U_("no valid sudoers sources found, quitting"));
goto cleanup; goto cleanup;
} }
@ -293,7 +293,8 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
/* Is root even allowed to run sudo? */ /* Is root even allowed to run sudo? */
if (user_uid == 0 && !def_root_sudo) { if (user_uid == 0 && !def_root_sudo) {
/* Not an audit event (should it be?). */ /* Not an audit event (should it be?). */
sudo_warnx(U_("sudoers specifies that root is not allowed to sudo")); sudo_warnx("%s",
U_("sudoers specifies that root is not allowed to sudo"));
goto bad; goto bad;
} }
@ -354,7 +355,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
if (!def_closefrom_override) { if (!def_closefrom_override) {
audit_failure(NewArgv, audit_failure(NewArgv,
N_("user not allowed to override closefrom limit")); N_("user not allowed to override closefrom limit"));
sudo_warnx(U_("you are not permitted to use the -C option")); sudo_warnx("%s", U_("you are not permitted to use the -C option"));
goto bad; goto bad;
} }
def_closefrom = user_closefrom; def_closefrom = user_closefrom;
@ -432,7 +433,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
/* Bail if a tty is required and we don't have one. */ /* Bail if a tty is required and we don't have one. */
if (def_requiretty && !tty_present()) { if (def_requiretty && !tty_present()) {
audit_failure(NewArgv, N_("no tty")); audit_failure(NewArgv, N_("no tty"));
sudo_warnx(U_("sorry, you must have a tty to run sudo")); sudo_warnx("%s", U_("sorry, you must have a tty to run sudo"));
goto bad; goto bad;
} }
@ -522,7 +523,8 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
/* If user specified a timeout make sure sudoers allows it. */ /* If user specified a timeout make sure sudoers allows it. */
if (!def_user_command_timeouts && user_timeout > 0) { if (!def_user_command_timeouts && user_timeout > 0) {
audit_failure(NewArgv, N_("user not allowed to set a command timeout")); audit_failure(NewArgv, N_("user not allowed to set a command timeout"));
sudo_warnx(U_("sorry, you are not allowed set a command timeout")); sudo_warnx("%s",
U_("sorry, you are not allowed set a command timeout"));
goto bad; goto bad;
} }
@ -531,7 +533,8 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
if (ISSET(sudo_mode, MODE_PRESERVE_ENV)) { if (ISSET(sudo_mode, MODE_PRESERVE_ENV)) {
audit_failure(NewArgv, audit_failure(NewArgv,
N_("user not allowed to preserve the environment")); N_("user not allowed to preserve the environment"));
sudo_warnx(U_("sorry, you are not allowed to preserve the environment")); sudo_warnx("%s",
U_("sorry, you are not allowed to preserve the environment"));
goto bad; goto bad;
} else { } else {
if (!validate_env_vars(sudo_user.env_vars)) if (!validate_env_vars(sudo_user.env_vars))
@ -932,7 +935,7 @@ set_cmnd(void)
if (ISSET(sudo_mode, MODE_RUN) && strcmp(user_base, "sudoedit") == 0) { if (ISSET(sudo_mode, MODE_RUN) && strcmp(user_base, "sudoedit") == 0) {
CLR(sudo_mode, MODE_RUN); CLR(sudo_mode, MODE_RUN);
SET(sudo_mode, MODE_EDIT); SET(sudo_mode, MODE_EDIT);
sudo_warnx(U_("sudoedit doesn't need to be run via sudo")); sudo_warnx("%s", U_("sudoedit doesn't need to be run via sudo"));
user_base = user_cmnd = "sudoedit"; user_base = user_cmnd = "sudoedit";
} }

32
plugins/sudoers/sudoreplay.c
View File

@ -508,7 +508,7 @@ getsize_cb(int fd, int what, void *v)
another: another:
if (sudo_ev_add(NULL, gc->ev, &gc->timeout, false) == -1) if (sudo_ev_add(NULL, gc->ev, &gc->timeout, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
done: done:
debug_return; debug_return;
} }
@ -555,7 +555,7 @@ xterm_get_size(int *new_lines, int *new_cols)
/* Read back terminal size response */ /* Read back terminal size response */
if (sudo_ev_add(evbase, gc.ev, &gc.timeout, false) == -1) if (sudo_ev_add(evbase, gc.ev, &gc.timeout, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
sudo_ev_dispatch(evbase); sudo_ev_dispatch(evbase);
if (gc.state == GOTSIZE) { if (gc.state == GOTSIZE) {
@ -623,7 +623,7 @@ setup_terminal(struct iolog_info *li, bool interactive, bool resize)
ttyfd = open(_PATH_TTY, O_RDWR); ttyfd = open(_PATH_TTY, O_RDWR);
while (!sudo_term_raw(ttyfd, 1)) { while (!sudo_term_raw(ttyfd, 1)) {
if (errno != EINTR) if (errno != EINTR)
sudo_fatal(U_("unable to set tty to raw mode")); sudo_fatal("%s", U_("unable to set tty to raw mode"));
kill(getpid(), SIGTTOU); kill(getpid(), SIGTTOU);
} }
} }
@ -787,7 +787,7 @@ get_timing_record(struct replay_closure *closure)
/* Schedule the delay event. */ /* Schedule the delay event. */
if (sudo_ev_add(closure->evbase, closure->delay_ev, &timing->delay, false) == -1) if (sudo_ev_add(closure->evbase, closure->delay_ev, &timing->delay, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
debug_return_int(0); debug_return_int(0);
} }
@ -899,7 +899,7 @@ delay_cb(int fd, int what, void *v)
if (timing->iol != NULL) { if (timing->iol != NULL) {
/* If the stream is open, enable the write event. */ /* If the stream is open, enable the write event. */
if (sudo_ev_add(closure->evbase, closure->output_ev, NULL, false) == -1) if (sudo_ev_add(closure->evbase, closure->output_ev, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} else { } else {
/* Not replaying, get the next timing record and continue. */ /* Not replaying, get the next timing record and continue. */
next_timing_record(closure); next_timing_record(closure);
@ -989,7 +989,7 @@ replay_closure_alloc(int iolog_dir_fd, const char *iolog_dir,
if (closure->keyboard_ev == NULL) if (closure->keyboard_ev == NULL)
goto bad; goto bad;
if (sudo_ev_add(closure->evbase, closure->keyboard_ev, NULL, false) == -1) if (sudo_ev_add(closure->evbase, closure->keyboard_ev, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
closure->output_ev = sudo_ev_alloc(interactive ? ttyfd : STDOUT_FILENO, closure->output_ev = sudo_ev_alloc(interactive ? ttyfd : STDOUT_FILENO,
SUDO_EV_WRITE, write_output, closure); SUDO_EV_WRITE, write_output, closure);
@ -1004,35 +1004,35 @@ replay_closure_alloc(int iolog_dir_fd, const char *iolog_dir,
if (closure->sighup_ev == NULL) if (closure->sighup_ev == NULL)
goto bad; goto bad;
if (sudo_ev_add(closure->evbase, closure->sighup_ev, NULL, false) == -1) if (sudo_ev_add(closure->evbase, closure->sighup_ev, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
closure->sigint_ev = sudo_ev_alloc(SIGINT, SUDO_EV_SIGNAL, signal_cb, closure->sigint_ev = sudo_ev_alloc(SIGINT, SUDO_EV_SIGNAL, signal_cb,
closure); closure);
if (closure->sigint_ev == NULL) if (closure->sigint_ev == NULL)
goto bad; goto bad;
if (sudo_ev_add(closure->evbase, closure->sigint_ev, NULL, false) == -1) if (sudo_ev_add(closure->evbase, closure->sigint_ev, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
closure->sigquit_ev = sudo_ev_alloc(SIGQUIT, SUDO_EV_SIGNAL, signal_cb, closure->sigquit_ev = sudo_ev_alloc(SIGQUIT, SUDO_EV_SIGNAL, signal_cb,
closure); closure);
if (closure->sigquit_ev == NULL) if (closure->sigquit_ev == NULL)
goto bad; goto bad;
if (sudo_ev_add(closure->evbase, closure->sigquit_ev, NULL, false) == -1) if (sudo_ev_add(closure->evbase, closure->sigquit_ev, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
closure->sigterm_ev = sudo_ev_alloc(SIGTERM, SUDO_EV_SIGNAL, signal_cb, closure->sigterm_ev = sudo_ev_alloc(SIGTERM, SUDO_EV_SIGNAL, signal_cb,
closure); closure);
if (closure->sigterm_ev == NULL) if (closure->sigterm_ev == NULL)
goto bad; goto bad;
if (sudo_ev_add(closure->evbase, closure->sigterm_ev, NULL, false) == -1) if (sudo_ev_add(closure->evbase, closure->sigterm_ev, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
closure->sigtstp_ev = sudo_ev_alloc(SIGTSTP, SUDO_EV_SIGNAL, signal_cb, closure->sigtstp_ev = sudo_ev_alloc(SIGTSTP, SUDO_EV_SIGNAL, signal_cb,
closure); closure);
if (closure->sigtstp_ev == NULL) if (closure->sigtstp_ev == NULL)
goto bad; goto bad;
if (sudo_ev_add(closure->evbase, closure->sigtstp_ev, NULL, false) == -1) if (sudo_ev_add(closure->evbase, closure->sigtstp_ev, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
debug_return_ptr(closure); debug_return_ptr(closure);
bad: bad:
@ -1159,7 +1159,7 @@ write_output(int fd, int what, void *v)
} else { } else {
/* Reschedule event to write remainder. */ /* Reschedule event to write remainder. */
if (sudo_ev_add(NULL, closure->output_ev, NULL, false) == -1) if (sudo_ev_add(NULL, closure->output_ev, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
debug_return; debug_return;
} }
@ -1245,7 +1245,7 @@ parse_expr(struct search_node_list *head, char *argv[], bool sub_expr)
if (av[0][1] != '\0') if (av[0][1] != '\0')
goto bad; goto bad;
if (!sub_expr) if (!sub_expr)
sudo_fatalx(U_("unmatched ')' in expression")); sudo_fatalx("%s", U_("unmatched ')' in expression"));
debug_return_int(av - argv + 1); debug_return_int(av - argv + 1);
default: default:
bad: bad:
@ -1281,11 +1281,11 @@ parse_expr(struct search_node_list *head, char *argv[], bool sub_expr)
STAILQ_INSERT_TAIL(head, sn, entries); STAILQ_INSERT_TAIL(head, sn, entries);
} }
if (sub_expr) if (sub_expr)
sudo_fatalx(U_("unmatched '(' in expression")); sudo_fatalx("%s", U_("unmatched '(' in expression"));
if (or) if (or)
sudo_fatalx(U_("illegal trailing \"or\"")); sudo_fatalx("%s", U_("illegal trailing \"or\""));
if (not) if (not)
sudo_fatalx(U_("illegal trailing \"!\"")); sudo_fatalx("%s", U_("illegal trailing \"!\""));
debug_return_int(av - argv); debug_return_int(av - argv);
} }

4
plugins/sudoers/testsudoers.c
View File

@ -255,7 +255,7 @@ main(int argc, char *argv[])
/* Initialize default values. */ /* Initialize default values. */
if (!init_defaults()) if (!init_defaults())
sudo_fatalx(U_("unable to initialize sudoers default values")); sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
/* Set group_plugin callback. */ /* Set group_plugin callback. */
sudo_defs_table[I_GROUP_PLUGIN].callback = cb_group_plugin; sudo_defs_table[I_GROUP_PLUGIN].callback = cb_group_plugin;
@ -269,7 +269,7 @@ main(int argc, char *argv[])
/* Load ip addr/mask for each interface. */ /* Load ip addr/mask for each interface. */
if (get_net_ifs(&p) > 0) { if (get_net_ifs(&p) > 0) {
if (!set_interfaces(p)) if (!set_interfaces(p))
sudo_fatal(U_("unable to parse network address list")); sudo_fatal("%s", U_("unable to parse network address list"));
} }
/* Allocate space for data structures in the parser. */ /* Allocate space for data structures in the parser. */

20
plugins/sudoers/visudo.c
View File

@ -222,8 +222,10 @@ main(int argc, char *argv[])
if (export_path != NULL) { if (export_path != NULL) {
/* Backwards compatibility for the time being. */ /* Backwards compatibility for the time being. */
sudo_warnx(U_("the -x option will be removed in a future release")); sudo_warnx("%s",
sudo_warnx(U_("please consider using the cvtsudoers utility instead")); U_("the -x option will be removed in a future release"));
sudo_warnx("%s",
U_("please consider using the cvtsudoers utility instead"));
execlp("cvtsudoers", "cvtsudoers", "-f", "json", "-o", export_path, execlp("cvtsudoers", "cvtsudoers", "-f", "json", "-o", export_path,
sudoers_file, (char *)0); sudoers_file, (char *)0);
sudo_fatal(U_("unable to execute %s"), "cvtsudoers"); sudo_fatal(U_("unable to execute %s"), "cvtsudoers");
@ -244,7 +246,7 @@ main(int argc, char *argv[])
/* Setup defaults data structures. */ /* Setup defaults data structures. */
if (!init_defaults()) if (!init_defaults())
sudo_fatalx(U_("unable to initialize sudoers default values")); sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
if (checkonly) { if (checkonly) {
exitcode = check_syntax(sudoers_file, quiet, strict, fflag) ? 0 : 1; exitcode = check_syntax(sudoers_file, quiet, strict, fflag) ? 0 : 1;
@ -447,7 +449,7 @@ edit_sudoers(struct sudoersfile *sp, char *editor, int editor_argc,
(void) lseek(sp->fd, (off_t)0, SEEK_SET); (void) lseek(sp->fd, (off_t)0, SEEK_SET);
while ((nread = read(sp->fd, buf, sizeof(buf))) > 0) { while ((nread = read(sp->fd, buf, sizeof(buf))) > 0) {
if (write(tfd, buf, nread) != nread) if (write(tfd, buf, nread) != nread)
sudo_fatal(U_("write error")); sudo_fatal("%s", U_("write error"));
lastch = buf[nread - 1]; lastch = buf[nread - 1];
} }
@ -455,7 +457,7 @@ edit_sudoers(struct sudoersfile *sp, char *editor, int editor_argc,
if (lastch != '\n') { if (lastch != '\n') {
lastch = '\n'; lastch = '\n';
if (write(tfd, &lastch, 1) != 1) if (write(tfd, &lastch, 1) != 1)
sudo_fatal(U_("write error")); sudo_fatal("%s", U_("write error"));
} }
} }
(void) close(tfd); (void) close(tfd);
@ -488,13 +490,13 @@ edit_sudoers(struct sudoersfile *sp, char *editor, int editor_argc,
* number of errors during editing (?!?!). * number of errors during editing (?!?!).
*/ */
if (sudo_gettime_real(&times[0]) == -1) { if (sudo_gettime_real(&times[0]) == -1) {
sudo_warn(U_("unable to read the clock")); sudo_warn("%s", U_("unable to read the clock"));
goto done; goto done;
} }
if (run_command(editor, editor_argv) != -1) { if (run_command(editor, editor_argv) != -1) {
if (sudo_gettime_real(&times[1]) == -1) { if (sudo_gettime_real(&times[1]) == -1) {
sudo_warn(U_("unable to read the clock")); sudo_warn("%s", U_("unable to read the clock"));
goto done; goto done;
} }
/* /*
@ -600,7 +602,7 @@ reparse_sudoers(char *editor, int editor_argc, char **editor_argv,
/* Clean slate for each parse */ /* Clean slate for each parse */
if (!init_defaults()) if (!init_defaults())
sudo_fatalx(U_("unable to initialize sudoers default values")); sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
init_parser(sp->path, quiet, true); init_parser(sp->path, quiet, true);
/* Parse the sudoers temp file(s) */ /* Parse the sudoers temp file(s) */
@ -923,7 +925,7 @@ check_syntax(const char *sudoers_file, bool quiet, bool strict, bool oldperms)
goto done; goto done;
} }
if (!init_defaults()) if (!init_defaults())
sudo_fatalx(U_("unable to initialize sudoers default values")); sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
init_parser(sudoers_file, quiet, true); init_parser(sudoers_file, quiet, true);
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale); sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
if (sudoersparse() && !parse_error) { if (sudoersparse() && !parse_error) {

34
src/copy_file.c
View File

@ -113,24 +113,24 @@ sudo_copy_file(const char *src, int src_fd, off_t src_len, const char *dst,
off += nwritten; off += nwritten;
} while (nread > off); } while (nread > off);
} }
if (nread == 0) { if (nread == -1) {
/* success, read to EOF */
if (src_len < dst_len) {
/* We don't open with O_TRUNC so must truncate manually. */
if (ftruncate(dst_fd, src_len) == -1) {
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"unable to truncate %s to %lld", dst, (long long)src_len);
goto write_error;
}
}
debug_return_int(0);
} else if (nread < 0) {
sudo_warn(U_("unable to read from %s"), src); sudo_warn(U_("unable to read from %s"), src);
debug_return_int(-1); debug_return_int(-1);
} else {
write_error:
sudo_warn(U_("unable to write to %s"), dst);
debug_return_int(-1);
} }
/* Did the file shrink? */
if (src_len < dst_len) {
/* We don't open with O_TRUNC so must truncate manually. */
if (ftruncate(dst_fd, src_len) == -1) {
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"unable to truncate %s to %lld", dst, (long long)src_len);
goto write_error;
}
}
debug_return_int(0);
write_error:
sudo_warn(U_("unable to write to %s"), dst);
debug_return_int(-1);
} }

4
src/exec.c
View File

@ -137,7 +137,7 @@ exec_setup(struct command_details *details, int errfd)
flags = LOGIN_SETRESOURCES|LOGIN_SETPRIORITY|LOGIN_SETUMASK; flags = LOGIN_SETRESOURCES|LOGIN_SETPRIORITY|LOGIN_SETUMASK;
} }
if (setusercontext(lc, details->pw, details->pw->pw_uid, flags)) { if (setusercontext(lc, details->pw, details->pw->pw_uid, flags)) {
sudo_warn(U_("unable to set user context")); sudo_warn("%s", U_("unable to set user context"));
if (details->pw->pw_uid != ROOT_UID) if (details->pw->pw_uid != ROOT_UID)
goto done; goto done;
} }
@ -153,7 +153,7 @@ exec_setup(struct command_details *details, int errfd)
if (ISSET(details->flags, CD_SET_PRIORITY)) { if (ISSET(details->flags, CD_SET_PRIORITY)) {
if (setpriority(PRIO_PROCESS, 0, details->priority) != 0) { if (setpriority(PRIO_PROCESS, 0, details->priority) != 0) {
sudo_warn(U_("unable to set process priority")); sudo_warn("%s", U_("unable to set process priority"));
goto done; goto done;
} }
} }

2
src/exec_common.c
View File

@ -162,7 +162,7 @@ disable_execute(char *envp[], const char *dso)
(void)priv_set(PRIV_ON, PRIV_INHERITABLE, "PRIV_FILE_DAC_SEARCH", NULL); (void)priv_set(PRIV_ON, PRIV_INHERITABLE, "PRIV_FILE_DAC_SEARCH", NULL);
if (priv_set(PRIV_OFF, PRIV_LIMIT, "PRIV_PROC_EXEC", NULL) == 0) if (priv_set(PRIV_OFF, PRIV_LIMIT, "PRIV_PROC_EXEC", NULL) == 0)
debug_return_ptr(envp); debug_return_ptr(envp);
sudo_warn(U_("unable to remove PRIV_PROC_EXEC from PRIV_LIMIT")); sudo_warn("%s", U_("unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"));
#endif /* HAVE_PRIV_SET */ #endif /* HAVE_PRIV_SET */
#ifdef RTLD_PRELOAD_VAR #ifdef RTLD_PRELOAD_VAR

34
src/exec_monitor.c
View File

@ -357,7 +357,7 @@ mon_backchannel_cb(int fd, int what, void *v)
if (n == -1) { if (n == -1) {
if (errno == EINTR || errno == EAGAIN) if (errno == EINTR || errno == EAGAIN)
debug_return; debug_return;
sudo_warn(U_("error reading from socketpair")); sudo_warn("%s", U_("error reading from socketpair"));
} else { } else {
/* short read or EOF, parent process died? */ /* short read or EOF, parent process died? */
} }
@ -460,7 +460,7 @@ fill_exec_closure_monitor(struct monitor_closure *mc,
if (mc->errpipe_event == NULL) if (mc->errpipe_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(mc->evbase, mc->errpipe_event, NULL, false) == -1) if (sudo_ev_add(mc->evbase, mc->errpipe_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
/* Event for forwarded signals via backchannel. */ /* Event for forwarded signals via backchannel. */
mc->backchannel_event = sudo_ev_alloc(backchannel, mc->backchannel_event = sudo_ev_alloc(backchannel,
@ -468,7 +468,7 @@ fill_exec_closure_monitor(struct monitor_closure *mc,
if (mc->backchannel_event == NULL) if (mc->backchannel_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(mc->evbase, mc->backchannel_event, NULL, false) == -1) if (sudo_ev_add(mc->evbase, mc->backchannel_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
/* Events for local signals. */ /* Events for local signals. */
mc->sigint_event = sudo_ev_alloc(SIGINT, mc->sigint_event = sudo_ev_alloc(SIGINT,
@ -476,56 +476,56 @@ fill_exec_closure_monitor(struct monitor_closure *mc,
if (mc->sigint_event == NULL) if (mc->sigint_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(mc->evbase, mc->sigint_event, NULL, false) == -1) if (sudo_ev_add(mc->evbase, mc->sigint_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
mc->sigquit_event = sudo_ev_alloc(SIGQUIT, mc->sigquit_event = sudo_ev_alloc(SIGQUIT,
SUDO_EV_SIGINFO, mon_signal_cb, mc); SUDO_EV_SIGINFO, mon_signal_cb, mc);
if (mc->sigquit_event == NULL) if (mc->sigquit_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(mc->evbase, mc->sigquit_event, NULL, false) == -1) if (sudo_ev_add(mc->evbase, mc->sigquit_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
mc->sigtstp_event = sudo_ev_alloc(SIGTSTP, mc->sigtstp_event = sudo_ev_alloc(SIGTSTP,
SUDO_EV_SIGINFO, mon_signal_cb, mc); SUDO_EV_SIGINFO, mon_signal_cb, mc);
if (mc->sigtstp_event == NULL) if (mc->sigtstp_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(mc->evbase, mc->sigtstp_event, NULL, false) == -1) if (sudo_ev_add(mc->evbase, mc->sigtstp_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
mc->sigterm_event = sudo_ev_alloc(SIGTERM, mc->sigterm_event = sudo_ev_alloc(SIGTERM,
SUDO_EV_SIGINFO, mon_signal_cb, mc); SUDO_EV_SIGINFO, mon_signal_cb, mc);
if (mc->sigterm_event == NULL) if (mc->sigterm_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(mc->evbase, mc->sigterm_event, NULL, false) == -1) if (sudo_ev_add(mc->evbase, mc->sigterm_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
mc->sighup_event = sudo_ev_alloc(SIGHUP, mc->sighup_event = sudo_ev_alloc(SIGHUP,
SUDO_EV_SIGINFO, mon_signal_cb, mc); SUDO_EV_SIGINFO, mon_signal_cb, mc);
if (mc->sighup_event == NULL) if (mc->sighup_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(mc->evbase, mc->sighup_event, NULL, false) == -1) if (sudo_ev_add(mc->evbase, mc->sighup_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
mc->sigusr1_event = sudo_ev_alloc(SIGUSR1, mc->sigusr1_event = sudo_ev_alloc(SIGUSR1,
SUDO_EV_SIGINFO, mon_signal_cb, mc); SUDO_EV_SIGINFO, mon_signal_cb, mc);
if (mc->sigusr1_event == NULL) if (mc->sigusr1_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(mc->evbase, mc->sigusr1_event, NULL, false) == -1) if (sudo_ev_add(mc->evbase, mc->sigusr1_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
mc->sigusr2_event = sudo_ev_alloc(SIGUSR2, mc->sigusr2_event = sudo_ev_alloc(SIGUSR2,
SUDO_EV_SIGINFO, mon_signal_cb, mc); SUDO_EV_SIGINFO, mon_signal_cb, mc);
if (mc->sigusr2_event == NULL) if (mc->sigusr2_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(mc->evbase, mc->sigusr2_event, NULL, false) == -1) if (sudo_ev_add(mc->evbase, mc->sigusr2_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
mc->sigchld_event = sudo_ev_alloc(SIGCHLD, mc->sigchld_event = sudo_ev_alloc(SIGCHLD,
SUDO_EV_SIGINFO, mon_signal_cb, mc); SUDO_EV_SIGINFO, mon_signal_cb, mc);
if (mc->sigchld_event == NULL) if (mc->sigchld_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(mc->evbase, mc->sigchld_event, NULL, false) == -1) if (sudo_ev_add(mc->evbase, mc->sigchld_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
/* Clear the default event base. */ /* Clear the default event base. */
sudo_ev_base_setdef(NULL); sudo_ev_base_setdef(NULL);
@ -579,7 +579,7 @@ exec_monitor(struct command_details *details, sigset_t *oset,
goto bad; goto bad;
} }
if (pty_make_controlling() == -1) { if (pty_make_controlling() == -1) {
sudo_warn(U_("unable to set controlling tty")); sudo_warn("%s", U_("unable to set controlling tty"));
goto bad; goto bad;
} }
@ -587,7 +587,7 @@ exec_monitor(struct command_details *details, sigset_t *oset,
* We use a pipe to get errno if execve(2) fails in the child. * We use a pipe to get errno if execve(2) fails in the child.
*/ */
if (pipe2(errpipe, O_CLOEXEC) != 0) if (pipe2(errpipe, O_CLOEXEC) != 0)
sudo_fatal(U_("unable to create pipe")); sudo_fatal("%s", U_("unable to create pipe"));
/* /*
* Before forking, wait for the main sudo process to tell us to go. * Before forking, wait for the main sudo process to tell us to go.
@ -595,7 +595,7 @@ exec_monitor(struct command_details *details, sigset_t *oset,
*/ */
while (recv(backchannel, &cstat, sizeof(cstat), MSG_WAITALL) == -1) { while (recv(backchannel, &cstat, sizeof(cstat), MSG_WAITALL) == -1) {
if (errno != EINTR && errno != EAGAIN) if (errno != EINTR && errno != EAGAIN)
sudo_fatal(U_("unable to receive message from parent")); sudo_fatal("%s", U_("unable to receive message from parent"));
} }
#ifdef HAVE_SELINUX #ifdef HAVE_SELINUX
@ -609,11 +609,11 @@ exec_monitor(struct command_details *details, sigset_t *oset,
mc.cmnd_pid = sudo_debug_fork(); mc.cmnd_pid = sudo_debug_fork();
switch (mc.cmnd_pid) { switch (mc.cmnd_pid) {
case -1: case -1:
sudo_warn(U_("unable to fork")); sudo_warn("%s", U_("unable to fork"));
#ifdef HAVE_SELINUX #ifdef HAVE_SELINUX
if (ISSET(details->flags, CD_RBAC_ENABLED)) { if (ISSET(details->flags, CD_RBAC_ENABLED)) {
if (selinux_restore_tty() != 0) if (selinux_restore_tty() != 0)
sudo_warnx(U_("unable to restore tty label")); sudo_warnx("%s", U_("unable to restore tty label"));
} }
#endif #endif
goto bad; goto bad;
@ -712,7 +712,7 @@ exec_monitor(struct command_details *details, sigset_t *oset,
#ifdef HAVE_SELINUX #ifdef HAVE_SELINUX
if (ISSET(details->flags, CD_RBAC_ENABLED)) { if (ISSET(details->flags, CD_RBAC_ENABLED)) {
if (selinux_restore_tty() != 0) if (selinux_restore_tty() != 0)
sudo_warnx(U_("unable to restore tty label")); sudo_warnx("%s", U_("unable to restore tty label"));
} }
#endif #endif
sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, 1); sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, 1);

36
src/exec_nopty.c
View File

@ -211,7 +211,7 @@ fill_exec_closure_nopty(struct exec_closure_nopty *ec,
if (ec->errpipe_event == NULL) if (ec->errpipe_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->errpipe_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->errpipe_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
sudo_debug_printf(SUDO_DEBUG_INFO, "error pipe fd %d\n", errfd); sudo_debug_printf(SUDO_DEBUG_INFO, "error pipe fd %d\n", errfd);
/* Events for local signals. */ /* Events for local signals. */
@ -220,77 +220,77 @@ fill_exec_closure_nopty(struct exec_closure_nopty *ec,
if (ec->sigint_event == NULL) if (ec->sigint_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigint_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigint_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigquit_event = sudo_ev_alloc(SIGQUIT, ec->sigquit_event = sudo_ev_alloc(SIGQUIT,
SUDO_EV_SIGINFO, signal_cb_nopty, ec); SUDO_EV_SIGINFO, signal_cb_nopty, ec);
if (ec->sigquit_event == NULL) if (ec->sigquit_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigquit_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigquit_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigtstp_event = sudo_ev_alloc(SIGTSTP, ec->sigtstp_event = sudo_ev_alloc(SIGTSTP,
SUDO_EV_SIGINFO, signal_cb_nopty, ec); SUDO_EV_SIGINFO, signal_cb_nopty, ec);
if (ec->sigtstp_event == NULL) if (ec->sigtstp_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigtstp_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigtstp_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigterm_event = sudo_ev_alloc(SIGTERM, ec->sigterm_event = sudo_ev_alloc(SIGTERM,
SUDO_EV_SIGINFO, signal_cb_nopty, ec); SUDO_EV_SIGINFO, signal_cb_nopty, ec);
if (ec->sigterm_event == NULL) if (ec->sigterm_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigterm_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigterm_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sighup_event = sudo_ev_alloc(SIGHUP, ec->sighup_event = sudo_ev_alloc(SIGHUP,
SUDO_EV_SIGINFO, signal_cb_nopty, ec); SUDO_EV_SIGINFO, signal_cb_nopty, ec);
if (ec->sighup_event == NULL) if (ec->sighup_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sighup_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sighup_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigalrm_event = sudo_ev_alloc(SIGALRM, ec->sigalrm_event = sudo_ev_alloc(SIGALRM,
SUDO_EV_SIGINFO, signal_cb_nopty, ec); SUDO_EV_SIGINFO, signal_cb_nopty, ec);
if (ec->sigalrm_event == NULL) if (ec->sigalrm_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigalrm_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigalrm_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigpipe_event = sudo_ev_alloc(SIGPIPE, ec->sigpipe_event = sudo_ev_alloc(SIGPIPE,
SUDO_EV_SIGINFO, signal_cb_nopty, ec); SUDO_EV_SIGINFO, signal_cb_nopty, ec);
if (ec->sigpipe_event == NULL) if (ec->sigpipe_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigpipe_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigpipe_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigusr1_event = sudo_ev_alloc(SIGUSR1, ec->sigusr1_event = sudo_ev_alloc(SIGUSR1,
SUDO_EV_SIGINFO, signal_cb_nopty, ec); SUDO_EV_SIGINFO, signal_cb_nopty, ec);
if (ec->sigusr1_event == NULL) if (ec->sigusr1_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigusr1_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigusr1_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigusr2_event = sudo_ev_alloc(SIGUSR2, ec->sigusr2_event = sudo_ev_alloc(SIGUSR2,
SUDO_EV_SIGINFO, signal_cb_nopty, ec); SUDO_EV_SIGINFO, signal_cb_nopty, ec);
if (ec->sigusr2_event == NULL) if (ec->sigusr2_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigusr2_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigusr2_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigchld_event = sudo_ev_alloc(SIGCHLD, ec->sigchld_event = sudo_ev_alloc(SIGCHLD,
SUDO_EV_SIGINFO, signal_cb_nopty, ec); SUDO_EV_SIGINFO, signal_cb_nopty, ec);
if (ec->sigchld_event == NULL) if (ec->sigchld_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigchld_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigchld_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigcont_event = sudo_ev_alloc(SIGCONT, ec->sigcont_event = sudo_ev_alloc(SIGCONT,
SUDO_EV_SIGINFO, signal_cb_nopty, ec); SUDO_EV_SIGINFO, signal_cb_nopty, ec);
if (ec->sigcont_event == NULL) if (ec->sigcont_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigcont_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigcont_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
#ifdef SIGINFO #ifdef SIGINFO
ec->siginfo_event = sudo_ev_alloc(SIGINFO, ec->siginfo_event = sudo_ev_alloc(SIGINFO,
@ -298,7 +298,7 @@ fill_exec_closure_nopty(struct exec_closure_nopty *ec,
if (ec->siginfo_event == NULL) if (ec->siginfo_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->siginfo_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->siginfo_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
#endif #endif
/* Set the default event base. */ /* Set the default event base. */
@ -349,13 +349,13 @@ exec_nopty(struct command_details *details, struct command_status *cstat)
* or certain pam modules won't be able to track their state. * or certain pam modules won't be able to track their state.
*/ */
if (policy_init_session(details) != true) if (policy_init_session(details) != true)
sudo_fatalx(U_("policy plugin failed session initialization")); sudo_fatalx("%s", U_("policy plugin failed session initialization"));
/* /*
* We use a pipe to get errno if execve(2) fails in the child. * We use a pipe to get errno if execve(2) fails in the child.
*/ */
if (pipe2(errpipe, O_CLOEXEC) != 0) if (pipe2(errpipe, O_CLOEXEC) != 0)
sudo_fatal(U_("unable to create pipe")); sudo_fatal("%s", U_("unable to create pipe"));
/* /*
* Block signals until we have our handlers setup in the parent so * Block signals until we have our handlers setup in the parent so
@ -384,7 +384,7 @@ exec_nopty(struct command_details *details, struct command_status *cstat)
ec.cmnd_pid = sudo_debug_fork(); ec.cmnd_pid = sudo_debug_fork();
switch (ec.cmnd_pid) { switch (ec.cmnd_pid) {
case -1: case -1:
sudo_fatal(U_("unable to fork")); sudo_fatal("%s", U_("unable to fork"));
break; break;
case 0: case 0:
/* child */ /* child */
@ -426,7 +426,7 @@ exec_nopty(struct command_details *details, struct command_status *cstat)
* Wait for command to exit, handles signals and the error pipe. * Wait for command to exit, handles signals and the error pipe.
*/ */
if (sudo_ev_dispatch(ec.evbase) == -1) if (sudo_ev_dispatch(ec.evbase) == -1)
sudo_warn(U_("error in event loop")); sudo_warn("%s", U_("error in event loop"));
if (sudo_ev_got_break(ec.evbase)) { if (sudo_ev_got_break(ec.evbase)) {
/* error from callback */ /* error from callback */
sudo_debug_printf(SUDO_DEBUG_ERROR, "event loop exited prematurely"); sudo_debug_printf(SUDO_DEBUG_ERROR, "event loop exited prematurely");
@ -438,7 +438,7 @@ exec_nopty(struct command_details *details, struct command_status *cstat)
#ifdef HAVE_SELINUX #ifdef HAVE_SELINUX
if (ISSET(details->flags, CD_RBAC_ENABLED)) { if (ISSET(details->flags, CD_RBAC_ENABLED)) {
if (selinux_restore_tty() != 0) if (selinux_restore_tty() != 0)
sudo_warnx(U_("unable to restore tty label")); sudo_warnx("%s", U_("unable to restore tty label"));
} }
#endif #endif

60
src/exec_pty.c
View File

@ -149,7 +149,7 @@ pty_setup(struct command_details *details, const char *tty)
if (!get_pty(&io_fds[SFD_LEADER], &io_fds[SFD_FOLLOWER], if (!get_pty(&io_fds[SFD_LEADER], &io_fds[SFD_FOLLOWER],
ptyname, sizeof(ptyname), details->euid)) ptyname, sizeof(ptyname), details->euid))
sudo_fatal(U_("unable to allocate pty")); sudo_fatal("%s", U_("unable to allocate pty"));
/* Update tty name in command details (used by SELinux and AIX). */ /* Update tty name in command details (used by SELinux and AIX). */
details->tty = ptyname; details->tty = ptyname;
@ -690,12 +690,12 @@ read_callback(int fd, int what, void *v)
/* Enable writer now that there is data in the buffer. */ /* Enable writer now that there is data in the buffer. */
if (iob->wevent != NULL) { if (iob->wevent != NULL) {
if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1) if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
/* Re-enable reader if buffer is not full. */ /* Re-enable reader if buffer is not full. */
if (iob->len != sizeof(iob->buf)) { if (iob->len != sizeof(iob->buf)) {
if (sudo_ev_add(evbase, iob->revent, NULL, false) == -1) if (sudo_ev_add(evbase, iob->revent, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
break; break;
} }
@ -792,14 +792,14 @@ write_callback(int fd, int what, void *v)
/* Re-enable writer if buffer is not empty. */ /* Re-enable writer if buffer is not empty. */
if (iob->len > iob->off) { if (iob->len > iob->off) {
if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1) if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
/* Enable reader if buffer is not full. */ /* Enable reader if buffer is not full. */
if (iob->revent != NULL && if (iob->revent != NULL &&
(ttymode == TERM_RAW || !USERTTY_EVENT(iob->revent))) { (ttymode == TERM_RAW || !USERTTY_EVENT(iob->revent))) {
if (iob->len != sizeof(iob->buf)) { if (iob->len != sizeof(iob->buf)) {
if (sudo_ev_add(evbase, iob->revent, NULL, false) == -1) if (sudo_ev_add(evbase, iob->revent, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
} }
} }
@ -896,7 +896,7 @@ send_command_status(struct exec_closure_pty *ec, int type, int val)
TAILQ_INSERT_TAIL(&ec->monitor_messages, msg, entries); TAILQ_INSERT_TAIL(&ec->monitor_messages, msg, entries);
if (sudo_ev_add(ec->evbase, ec->fwdchannel_event, NULL, true) == -1) if (sudo_ev_add(ec->evbase, ec->fwdchannel_event, NULL, true) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
/* Restart event loop to send the command immediately. */ /* Restart event loop to send the command immediately. */
sudo_ev_loopcontinue(ec->evbase); sudo_ev_loopcontinue(ec->evbase);
@ -1217,7 +1217,7 @@ fill_exec_closure_pty(struct exec_closure_pty *ec, struct command_status *cstat,
if (ec->backchannel_event == NULL) if (ec->backchannel_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->backchannel_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->backchannel_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
sudo_debug_printf(SUDO_DEBUG_INFO, "backchannel fd %d\n", backchannel); sudo_debug_printf(SUDO_DEBUG_INFO, "backchannel fd %d\n", backchannel);
/* Events for local signals. */ /* Events for local signals. */
@ -1226,70 +1226,70 @@ fill_exec_closure_pty(struct exec_closure_pty *ec, struct command_status *cstat,
if (ec->sigint_event == NULL) if (ec->sigint_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigint_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigint_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigquit_event = sudo_ev_alloc(SIGQUIT, ec->sigquit_event = sudo_ev_alloc(SIGQUIT,
SUDO_EV_SIGINFO, signal_cb_pty, ec); SUDO_EV_SIGINFO, signal_cb_pty, ec);
if (ec->sigquit_event == NULL) if (ec->sigquit_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigquit_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigquit_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigtstp_event = sudo_ev_alloc(SIGTSTP, ec->sigtstp_event = sudo_ev_alloc(SIGTSTP,
SUDO_EV_SIGINFO, signal_cb_pty, ec); SUDO_EV_SIGINFO, signal_cb_pty, ec);
if (ec->sigtstp_event == NULL) if (ec->sigtstp_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigtstp_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigtstp_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigterm_event = sudo_ev_alloc(SIGTERM, ec->sigterm_event = sudo_ev_alloc(SIGTERM,
SUDO_EV_SIGINFO, signal_cb_pty, ec); SUDO_EV_SIGINFO, signal_cb_pty, ec);
if (ec->sigterm_event == NULL) if (ec->sigterm_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigterm_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigterm_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sighup_event = sudo_ev_alloc(SIGHUP, ec->sighup_event = sudo_ev_alloc(SIGHUP,
SUDO_EV_SIGINFO, signal_cb_pty, ec); SUDO_EV_SIGINFO, signal_cb_pty, ec);
if (ec->sighup_event == NULL) if (ec->sighup_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sighup_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sighup_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigalrm_event = sudo_ev_alloc(SIGALRM, ec->sigalrm_event = sudo_ev_alloc(SIGALRM,
SUDO_EV_SIGINFO, signal_cb_pty, ec); SUDO_EV_SIGINFO, signal_cb_pty, ec);
if (ec->sigalrm_event == NULL) if (ec->sigalrm_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigalrm_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigalrm_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigusr1_event = sudo_ev_alloc(SIGUSR1, ec->sigusr1_event = sudo_ev_alloc(SIGUSR1,
SUDO_EV_SIGINFO, signal_cb_pty, ec); SUDO_EV_SIGINFO, signal_cb_pty, ec);
if (ec->sigusr1_event == NULL) if (ec->sigusr1_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigusr1_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigusr1_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigusr2_event = sudo_ev_alloc(SIGUSR2, ec->sigusr2_event = sudo_ev_alloc(SIGUSR2,
SUDO_EV_SIGINFO, signal_cb_pty, ec); SUDO_EV_SIGINFO, signal_cb_pty, ec);
if (ec->sigusr2_event == NULL) if (ec->sigusr2_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigusr2_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigusr2_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigchld_event = sudo_ev_alloc(SIGCHLD, ec->sigchld_event = sudo_ev_alloc(SIGCHLD,
SUDO_EV_SIGINFO, signal_cb_pty, ec); SUDO_EV_SIGINFO, signal_cb_pty, ec);
if (ec->sigchld_event == NULL) if (ec->sigchld_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigchld_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigchld_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
ec->sigwinch_event = sudo_ev_alloc(SIGWINCH, ec->sigwinch_event = sudo_ev_alloc(SIGWINCH,
SUDO_EV_SIGINFO, signal_cb_pty, ec); SUDO_EV_SIGINFO, signal_cb_pty, ec);
if (ec->sigwinch_event == NULL) if (ec->sigwinch_event == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (sudo_ev_add(ec->evbase, ec->sigwinch_event, NULL, false) == -1) if (sudo_ev_add(ec->evbase, ec->sigwinch_event, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
/* The signal forwarding event gets added on demand. */ /* The signal forwarding event gets added on demand. */
ec->fwdchannel_event = sudo_ev_alloc(backchannel, ec->fwdchannel_event = sudo_ev_alloc(backchannel,
@ -1372,7 +1372,7 @@ exec_pty(struct command_details *details, struct command_status *cstat)
if (socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1 || if (socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1 ||
fcntl(sv[0], F_SETFD, FD_CLOEXEC) == -1 || fcntl(sv[0], F_SETFD, FD_CLOEXEC) == -1 ||
fcntl(sv[1], F_SETFD, FD_CLOEXEC) == -1) fcntl(sv[1], F_SETFD, FD_CLOEXEC) == -1)
sudo_fatal(U_("unable to create sockets")); sudo_fatal("%s", U_("unable to create sockets"));
/* /*
* We don't want to receive SIGTTIN/SIGTTOU. * We don't want to receive SIGTTIN/SIGTTOU.
@ -1392,7 +1392,7 @@ exec_pty(struct command_details *details, struct command_status *cstat)
* or certain pam modules won't be able to track their state. * or certain pam modules won't be able to track their state.
*/ */
if (policy_init_session(details) != true) if (policy_init_session(details) != true)
sudo_fatalx(U_("policy plugin failed session initialization")); sudo_fatalx("%s", U_("policy plugin failed session initialization"));
/* /*
* Child will run the command in the pty, parent will pass data * Child will run the command in the pty, parent will pass data
@ -1462,7 +1462,7 @@ exec_pty(struct command_details *details, struct command_status *cstat)
"stdin not a tty, creating a pipe"); "stdin not a tty, creating a pipe");
pipeline = true; pipeline = true;
if (pipe2(io_pipe[STDIN_FILENO], O_CLOEXEC) != 0) if (pipe2(io_pipe[STDIN_FILENO], O_CLOEXEC) != 0)
sudo_fatal(U_("unable to create pipe")); sudo_fatal("%s", U_("unable to create pipe"));
io_buf_new(STDIN_FILENO, io_pipe[STDIN_FILENO][1], io_buf_new(STDIN_FILENO, io_pipe[STDIN_FILENO][1],
log_stdin, &ec, &iobufs); log_stdin, &ec, &iobufs);
io_fds[SFD_STDIN] = io_pipe[STDIN_FILENO][0]; io_fds[SFD_STDIN] = io_pipe[STDIN_FILENO][0];
@ -1483,7 +1483,7 @@ exec_pty(struct command_details *details, struct command_status *cstat)
"stdout not a tty, creating a pipe"); "stdout not a tty, creating a pipe");
pipeline = true; pipeline = true;
if (pipe2(io_pipe[STDOUT_FILENO], O_CLOEXEC) != 0) if (pipe2(io_pipe[STDOUT_FILENO], O_CLOEXEC) != 0)
sudo_fatal(U_("unable to create pipe")); sudo_fatal("%s", U_("unable to create pipe"));
io_buf_new(io_pipe[STDOUT_FILENO][0], STDOUT_FILENO, io_buf_new(io_pipe[STDOUT_FILENO][0], STDOUT_FILENO,
log_stdout, &ec, &iobufs); log_stdout, &ec, &iobufs);
io_fds[SFD_STDOUT] = io_pipe[STDOUT_FILENO][1]; io_fds[SFD_STDOUT] = io_pipe[STDOUT_FILENO][1];
@ -1503,7 +1503,7 @@ exec_pty(struct command_details *details, struct command_status *cstat)
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"stderr not a tty, creating a pipe"); "stderr not a tty, creating a pipe");
if (pipe2(io_pipe[STDERR_FILENO], O_CLOEXEC) != 0) if (pipe2(io_pipe[STDERR_FILENO], O_CLOEXEC) != 0)
sudo_fatal(U_("unable to create pipe")); sudo_fatal("%s", U_("unable to create pipe"));
io_buf_new(io_pipe[STDERR_FILENO][0], STDERR_FILENO, io_buf_new(io_pipe[STDERR_FILENO][0], STDERR_FILENO,
log_stderr, &ec, &iobufs); log_stderr, &ec, &iobufs);
io_fds[SFD_STDERR] = io_pipe[STDERR_FILENO][1]; io_fds[SFD_STDERR] = io_pipe[STDERR_FILENO][1];
@ -1541,7 +1541,7 @@ exec_pty(struct command_details *details, struct command_status *cstat)
ec.monitor_pid = sudo_debug_fork(); ec.monitor_pid = sudo_debug_fork();
switch (ec.monitor_pid) { switch (ec.monitor_pid) {
case -1: case -1:
sudo_fatal(U_("unable to fork")); sudo_fatal("%s", U_("unable to fork"));
break; break;
case 0: case 0:
/* child */ /* child */
@ -1584,7 +1584,7 @@ exec_pty(struct command_details *details, struct command_status *cstat)
cstat->val = 0; cstat->val = 0;
while (send(sv[0], cstat, sizeof(*cstat), 0) == -1) { while (send(sv[0], cstat, sizeof(*cstat), 0) == -1) {
if (errno != EINTR && errno != EAGAIN) if (errno != EINTR && errno != EAGAIN)
sudo_fatal(U_("unable to send message to monitor process")); sudo_fatal("%s", U_("unable to send message to monitor process"));
} }
/* Close the other end of the stdin/stdout/stderr pipes and socketpair. */ /* Close the other end of the stdin/stdout/stderr pipes and socketpair. */
@ -1629,7 +1629,7 @@ exec_pty(struct command_details *details, struct command_status *cstat)
add_io_events(ec.evbase); add_io_events(ec.evbase);
do { do {
if (sudo_ev_dispatch(ec.evbase) == -1) if (sudo_ev_dispatch(ec.evbase) == -1)
sudo_warn(U_("error in event loop")); sudo_warn("%s", U_("error in event loop"));
if (sudo_ev_got_break(ec.evbase)) { if (sudo_ev_got_break(ec.evbase)) {
/* error from callback or monitor died */ /* error from callback or monitor died */
sudo_debug_printf(SUDO_DEBUG_ERROR, "event loop exited prematurely"); sudo_debug_printf(SUDO_DEBUG_ERROR, "event loop exited prematurely");
@ -1690,7 +1690,7 @@ add_io_events(struct sudo_event_base *evbase)
"added I/O revent %p, fd %d, events %d", "added I/O revent %p, fd %d, events %d",
iob->revent, iob->revent->fd, iob->revent->events); iob->revent, iob->revent->fd, iob->revent->events);
if (sudo_ev_add(evbase, iob->revent, NULL, false) == -1) if (sudo_ev_add(evbase, iob->revent, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
} }
if (iob->wevent != NULL) { if (iob->wevent != NULL) {
@ -1700,7 +1700,7 @@ add_io_events(struct sudo_event_base *evbase)
"added I/O wevent %p, fd %d, events %d", "added I/O wevent %p, fd %d, events %d",
iob->wevent, iob->wevent->fd, iob->wevent->events); iob->wevent, iob->wevent->fd, iob->wevent->events);
if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1) if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
} }
} }
@ -1745,14 +1745,14 @@ del_io_events(bool nonblocking)
if (iob->revent != NULL && !USERTTY_EVENT(iob->revent)) { if (iob->revent != NULL && !USERTTY_EVENT(iob->revent)) {
if (iob->len != sizeof(iob->buf)) { if (iob->len != sizeof(iob->buf)) {
if (sudo_ev_add(evbase, iob->revent, NULL, false) == -1) if (sudo_ev_add(evbase, iob->revent, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
} }
/* Flush any write buffers with data in them. */ /* Flush any write buffers with data in them. */
if (iob->wevent != NULL) { if (iob->wevent != NULL) {
if (iob->len > iob->off) { if (iob->len > iob->off) {
if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1) if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
} }
} }
@ -1779,7 +1779,7 @@ del_io_events(bool nonblocking)
if (iob->wevent != NULL) { if (iob->wevent != NULL) {
if (iob->len > iob->off) { if (iob->len > iob->off) {
if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1) if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1)
sudo_fatal(U_("unable to add event to queue")); sudo_fatal("%s", U_("unable to add event to queue"));
} }
} }
} }

3
src/load_plugins.c
View File

@ -326,7 +326,8 @@ sudo_load_plugin(struct plugin_container *policy_plugin,
if (!quiet) { if (!quiet) {
sudo_warnx(U_("ignoring policy plugin \"%s\" in %s, line %d"), sudo_warnx(U_("ignoring policy plugin \"%s\" in %s, line %d"),
info->symbol_name, _PATH_SUDO_CONF, info->lineno); info->symbol_name, _PATH_SUDO_CONF, info->lineno);
sudo_warnx(U_("only a single policy plugin may be specified")); sudo_warnx("%s",
U_("only a single policy plugin may be specified"));
} }
goto done; goto done;
} }

26
src/parse_args.c
View File

@ -315,7 +315,8 @@ parse_args(int argc, char **argv, int *old_optind, int *nargc, char ***nargv,
case 'C': case 'C':
assert(optarg != NULL); assert(optarg != NULL);
if (sudo_strtonum(optarg, 3, INT_MAX, NULL) == 0) { if (sudo_strtonum(optarg, 3, INT_MAX, NULL) == 0) {
sudo_warnx(U_("the argument to -C must be a number greater than or equal to 3")); sudo_warnx("%s",
U_("the argument to -C must be a number greater than or equal to 3"));
usage(); usage();
} }
if (sudo_settings[ARG_CLOSEFROM].value != NULL) if (sudo_settings[ARG_CLOSEFROM].value != NULL)
@ -528,11 +529,13 @@ parse_args(int argc, char **argv, int *old_optind, int *nargc, char ***nargv,
if (ISSET(flags, MODE_LOGIN_SHELL)) { if (ISSET(flags, MODE_LOGIN_SHELL)) {
if (ISSET(flags, MODE_SHELL)) { if (ISSET(flags, MODE_SHELL)) {
sudo_warnx(U_("you may not specify both the -i and -s options")); sudo_warnx("%s",
U_("you may not specify both the -i and -s options"));
usage(); usage();
} }
if (ISSET(flags, MODE_PRESERVE_ENV)) { if (ISSET(flags, MODE_PRESERVE_ENV)) {
sudo_warnx(U_("you may not specify both the -i and -E options")); sudo_warnx("%s",
U_("you may not specify both the -i and -E options"));
usage(); usage();
} }
SET(flags, MODE_SHELL); SET(flags, MODE_SHELL);
@ -542,9 +545,10 @@ parse_args(int argc, char **argv, int *old_optind, int *nargc, char ***nargv,
if (mode == MODE_EDIT && if (mode == MODE_EDIT &&
(ISSET(flags, MODE_PRESERVE_ENV) || extra_env.env_len != 0)) { (ISSET(flags, MODE_PRESERVE_ENV) || extra_env.env_len != 0)) {
if (ISSET(mode, MODE_PRESERVE_ENV)) if (ISSET(mode, MODE_PRESERVE_ENV))
sudo_warnx(U_("the -E option is not valid in edit mode")); sudo_warnx("%s", U_("the -E option is not valid in edit mode"));
if (extra_env.env_len != 0) if (extra_env.env_len != 0)
sudo_warnx(U_("you may not specify environment variables in edit mode")); sudo_warnx("%s",
U_("you may not specify environment variables in edit mode"));
usage(); usage();
} }
if ((sudo_settings[ARG_RUNAS_USER].value != NULL || if ((sudo_settings[ARG_RUNAS_USER].value != NULL ||
@ -553,11 +557,12 @@ parse_args(int argc, char **argv, int *old_optind, int *nargc, char ***nargv,
usage(); usage();
} }
if (list_user != NULL && mode != MODE_LIST && mode != MODE_CHECK) { if (list_user != NULL && mode != MODE_LIST && mode != MODE_CHECK) {
sudo_warnx(U_("the -U option may only be used with the -l option")); sudo_warnx("%s",
U_("the -U option may only be used with the -l option"));
usage(); usage();
} }
if (ISSET(tgetpass_flags, TGP_STDIN) && ISSET(tgetpass_flags, TGP_ASKPASS)) { if (ISSET(tgetpass_flags, TGP_STDIN) && ISSET(tgetpass_flags, TGP_ASKPASS)) {
sudo_warnx(U_("the -A and -S options may not be used together")); sudo_warnx("%s", U_("the -A and -S options may not be used together"));
usage(); usage();
} }
if ((argc == 0 && mode == MODE_EDIT) || if ((argc == 0 && mode == MODE_EDIT) ||
@ -650,7 +655,7 @@ parse_args(int argc, char **argv, int *old_optind, int *nargc, char ***nargv,
argv = av; argv = av;
argc = ac; argc = ac;
#else #else
sudo_fatalx(U_("sudoedit is not supported on this platform")); sudo_fatalx("%s", U_("sudoedit is not supported on this platform"));
#endif #endif
} }
@ -731,7 +736,8 @@ usage_excl(void)
{ {
debug_decl(usage_excl, SUDO_DEBUG_ARGS); debug_decl(usage_excl, SUDO_DEBUG_ARGS);
sudo_warnx(U_("Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified")); sudo_warnx("%s",
U_("Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"));
usage(); usage();
} }
@ -752,7 +758,7 @@ help(void)
display_usage(usage_out); display_usage(usage_out);
sudo_lbuf_append(&lbuf, _("\nOptions:\n")); sudo_lbuf_append(&lbuf, "%s", _("\nOptions:\n"));
sudo_lbuf_append(&lbuf, " -A, --askpass %s\n", sudo_lbuf_append(&lbuf, " -A, --askpass %s\n",
_("use a helper program for password prompting")); _("use a helper program for password prompting"));
#ifdef HAVE_BSD_AUTH_H #ifdef HAVE_BSD_AUTH_H

16
src/selinux.c
View File

@ -81,7 +81,7 @@ audit_role_change(const security_context_t old_context,
/* Kernel may not have audit support. */ /* Kernel may not have audit support. */
if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT
) )
sudo_fatal(U_("unable to open audit system")); sudo_fatal("%s", U_("unable to open audit system"));
} else { } else {
/* audit role change using the same format as newrole(1) */ /* audit role change using the same format as newrole(1) */
rc = asprintf(&message, "newrole: old-context=%s new-context=%s", rc = asprintf(&message, "newrole: old-context=%s new-context=%s",
@ -91,7 +91,7 @@ audit_role_change(const security_context_t old_context,
rc = audit_log_user_message(au_fd, AUDIT_USER_ROLE_CHANGE, rc = audit_log_user_message(au_fd, AUDIT_USER_ROLE_CHANGE,
message, NULL, NULL, ttyn, result); message, NULL, NULL, ttyn, result);
if (rc <= 0) if (rc <= 0)
sudo_warn(U_("unable to send audit message")); sudo_warn("%s", U_("unable to send audit message"));
free(message); free(message);
close(au_fd); close(au_fd);
} }
@ -199,7 +199,7 @@ relabel_tty(const char *ttyn, int ptyfd)
} }
if (fgetfilecon(se_state.ttyfd, &tty_con) == -1) { if (fgetfilecon(se_state.ttyfd, &tty_con) == -1) {
sudo_warn(U_("unable to get current tty context, not relabeling tty")); sudo_warn("%s", U_("unable to get current tty context, not relabeling tty"));
goto bad; goto bad;
} }
@ -211,7 +211,7 @@ relabel_tty(const char *ttyn, int ptyfd)
} }
if (security_compute_relabel(se_state.new_context, tty_con, if (security_compute_relabel(se_state.new_context, tty_con,
tclass, &new_tty_con) == -1) { tclass, &new_tty_con) == -1) {
sudo_warn(U_("unable to get new tty context, not relabeling tty")); sudo_warn("%s", U_("unable to get new tty context, not relabeling tty"));
goto bad; goto bad;
} }
} }
@ -220,7 +220,7 @@ relabel_tty(const char *ttyn, int ptyfd)
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: tty context %s -> %s", sudo_debug_printf(SUDO_DEBUG_INFO, "%s: tty context %s -> %s",
__func__, tty_con, new_tty_con); __func__, tty_con, new_tty_con);
if (fsetfilecon(se_state.ttyfd, new_tty_con) == -1) { if (fsetfilecon(se_state.ttyfd, new_tty_con) == -1) {
sudo_warn(U_("unable to set new tty context")); sudo_warn("%s", U_("unable to set new tty context"));
goto bad; goto bad;
} }
} }
@ -336,7 +336,7 @@ get_exec_context(security_context_t old_context, const char *role, const char *t
* its components easily. * its components easily.
*/ */
if ((context = context_new(old_context)) == NULL) { if ((context = context_new(old_context)) == NULL) {
sudo_warn(U_("failed to get new context")); sudo_warn("%s", U_("failed to get new context"));
goto bad; goto bad;
} }
@ -393,13 +393,13 @@ selinux_setup(const char *role, const char *type, const char *ttyn,
/* Store the caller's SID in old_context. */ /* Store the caller's SID in old_context. */
if (getprevcon(&se_state.old_context)) { if (getprevcon(&se_state.old_context)) {
sudo_warn(U_("failed to get old context")); sudo_warn("%s", U_("failed to get old context"));
goto done; goto done;
} }
se_state.enforcing = security_getenforce(); se_state.enforcing = security_getenforce();
if (se_state.enforcing == -1) { if (se_state.enforcing == -1) {
sudo_warn(U_("unable to determine enforcing mode.")); sudo_warn("%s", U_("unable to determine enforcing mode."));
goto done; goto done;
} }

2
src/sesh.c
View File

@ -74,7 +74,7 @@ main(int argc, char *argv[], char *envp[])
textdomain(PACKAGE_NAME); textdomain(PACKAGE_NAME);
if (argc < 2) if (argc < 2)
sudo_fatalx(U_("requires at least one argument")); sudo_fatalx("%s", U_("requires at least one argument"));
/* Read sudo.conf and initialize the debug subsystem. */ /* Read sudo.conf and initialize the debug subsystem. */
if (sudo_conf_read(NULL, SUDO_CONF_DEBUG) == -1) if (sudo_conf_read(NULL, SUDO_CONF_DEBUG) == -1)

4
src/solaris.c
View File

@ -69,14 +69,14 @@ set_project(struct passwd *pw)
case SETPROJ_ERR_TASK: case SETPROJ_ERR_TASK:
switch (errno) { switch (errno) {
case EAGAIN: case EAGAIN:
sudo_warnx(U_("resource control limit has been reached")); sudo_warnx("%s", U_("resource control limit has been reached"));
break; break;
case ESRCH: case ESRCH:
sudo_warnx(U_("user \"%s\" is not a member of project \"%s\""), sudo_warnx(U_("user \"%s\" is not a member of project \"%s\""),
pw->pw_name, proj.pj_name); pw->pw_name, proj.pj_name);
break; break;
case EACCES: case EACCES:
sudo_warnx(U_("the invoking task is final")); sudo_warnx("%s", U_("the invoking task is final"));
break; break;
default: default:
sudo_warnx(U_("could not join project \"%s\""), proj.pj_name); sudo_warnx(U_("could not join project \"%s\""), proj.pj_name);

11
src/sudo.c
View File

@ -227,7 +227,7 @@ main(int argc, char *argv[], char *envp[])
/* Load plugins. */ /* Load plugins. */
if (!sudo_load_plugins(&policy_plugin, &io_plugins, &audit_plugins, if (!sudo_load_plugins(&policy_plugin, &io_plugins, &audit_plugins,
&approval_plugins)) &approval_plugins))
sudo_fatalx(U_("fatal error, unable to load plugins")); sudo_fatalx("%s", U_("fatal error, unable to load plugins"));
/* Allocate event base so plugin can use it. */ /* Allocate event base so plugin can use it. */
if ((sudo_event_base = sudo_ev_base_alloc()) == NULL) if ((sudo_event_base = sudo_ev_base_alloc()) == NULL)
@ -272,7 +272,8 @@ main(int argc, char *argv[], char *envp[])
for (nargv = argv_out, nargc = 0; nargv[nargc] != NULL; nargc++) for (nargv = argv_out, nargc = 0; nargv[nargc] != NULL; nargc++)
continue; continue;
if (nargc == 0) if (nargc == 0)
sudo_fatalx(U_("plugin did not return a command to execute")); sudo_fatalx("%s",
U_("plugin did not return a command to execute"));
/* Approval plugins run after policy plugin accepts the command. */ /* Approval plugins run after policy plugin accepts the command. */
approval_check(settings, user_info, submit_optind, argv, envp, approval_check(settings, user_info, submit_optind, argv, envp,
@ -597,7 +598,7 @@ get_user_info(struct user_details *ud)
} else { } else {
/* tty may not always be present */ /* tty may not always be present */
if (errno != ENOENT) if (errno != ENOENT)
sudo_warn(U_("unable to determine tty")); sudo_warn("%s", U_("unable to determine tty"));
} }
cp = sudo_gethostname(); cp = sudo_gethostname();
@ -927,7 +928,7 @@ set_user_groups(struct command_details *details)
if (!ISSET(details->flags, CD_PRESERVE_GROUPS)) { if (!ISSET(details->flags, CD_PRESERVE_GROUPS)) {
if (details->ngroups >= 0) { if (details->ngroups >= 0) {
if (sudo_setgroups(details->ngroups, details->groups) < 0) { if (sudo_setgroups(details->ngroups, details->groups) < 0) {
sudo_warn(U_("unable to set supplementary group IDs")); sudo_warn("%s", U_("unable to set supplementary group IDs"));
goto done; goto done;
} }
} }
@ -1092,7 +1093,7 @@ policy_open(struct sudo_settings *settings, char * const user_info[],
usage(); usage();
else { else {
/* XXX - audit */ /* XXX - audit */
sudo_fatalx(U_("unable to initialize policy plugin")); sudo_fatalx("%s", U_("unable to initialize policy plugin"));
} }
} }

26
src/sudo_edit.c
View File

@ -223,7 +223,7 @@ set_tmpdir(struct command_details *command_details)
} }
} }
if (tdir == NULL) if (tdir == NULL)
sudo_fatalx(U_("no writable temporary directory found")); sudo_fatalx("%s", U_("no writable temporary directory found"));
len = strlcpy(edit_tmpdir, tdir, sizeof(edit_tmpdir)); len = strlcpy(edit_tmpdir, tdir, sizeof(edit_tmpdir));
if (len >= sizeof(edit_tmpdir)) { if (len >= sizeof(edit_tmpdir)) {
@ -348,7 +348,7 @@ done:
/* Restore cwd */ /* Restore cwd */
if (odfd != -1) { if (odfd != -1) {
if (fchdir(odfd) == -1) if (fchdir(odfd) == -1)
sudo_fatal(U_("unable to restore current working directory")); sudo_fatal("%s", U_("unable to restore current working directory"));
close(odfd); close(odfd);
} }
@ -732,7 +732,7 @@ selinux_run_helper(char *argv[], char *envp[])
child = sudo_debug_fork(); child = sudo_debug_fork();
switch (child) { switch (child) {
case -1: case -1:
sudo_warn(U_("unable to fork")); sudo_warn("%s", U_("unable to fork"));
break; break;
case 0: case 0:
/* child runs sesh in new context */ /* child runs sesh in new context */
@ -811,11 +811,11 @@ selinux_edit_create_tfiles(struct command_details *command_details,
case SESH_SUCCESS: case SESH_SUCCESS:
break; break;
case SESH_ERR_BAD_PATHS: case SESH_ERR_BAD_PATHS:
sudo_fatalx(U_("sesh: internal error: odd number of paths")); sudo_fatalx("%s", U_("sesh: internal error: odd number of paths"));
case SESH_ERR_NO_FILES: case SESH_ERR_NO_FILES:
sudo_fatalx(U_("sesh: unable to create temporary files")); sudo_fatalx("%s", U_("sesh: unable to create temporary files"));
case SESH_ERR_KILLED: case SESH_ERR_KILLED:
sudo_fatalx(U_("sesh: killed by a signal")); sudo_fatalx("%s", U_("sesh: killed by a signal"));
default: default:
sudo_fatalx(U_("sesh: unknown error %d"), rc); sudo_fatalx(U_("sesh: unknown error %d"), rc);
} }
@ -891,13 +891,15 @@ selinux_edit_copy_tfiles(struct command_details *command_details,
ret = 0; ret = 0;
break; break;
case SESH_ERR_NO_FILES: case SESH_ERR_NO_FILES:
sudo_warnx(U_("unable to copy temporary files back to their original location")); sudo_warnx("%s",
U_("unable to copy temporary files back to their original location"));
break; break;
case SESH_ERR_SOME_FILES: case SESH_ERR_SOME_FILES:
sudo_warnx(U_("unable to copy some of the temporary files back to their original location")); sudo_warnx("%s",
U_("unable to copy some of the temporary files back to their original location"));
break; break;
case SESH_ERR_KILLED: case SESH_ERR_KILLED:
sudo_warnx(U_("sesh: killed by a signal")); sudo_warnx("%s", U_("sesh: killed by a signal"));
break; break;
default: default:
sudo_warnx(U_("sesh: unknown error %d"), rc); sudo_warnx(U_("sesh: unknown error %d"), rc);
@ -955,7 +957,7 @@ sudo_edit(struct command_details *command_details)
editor_argc++; editor_argc++;
} }
if (nfiles == 0) { if (nfiles == 0) {
sudo_warnx(U_("plugin error: missing file list for sudoedit")); sudo_warnx("%s", U_("plugin error: missing file list for sudoedit"));
goto cleanup; goto cleanup;
} }
@ -1006,7 +1008,7 @@ sudo_edit(struct command_details *command_details)
* XXX - should run editor with user's context * XXX - should run editor with user's context
*/ */
if (sudo_gettime_real(&times[0]) == -1) { if (sudo_gettime_real(&times[0]) == -1) {
sudo_warn(U_("unable to read the clock")); sudo_warn("%s", U_("unable to read the clock"));
goto cleanup; goto cleanup;
} }
memcpy(&saved_command_details, command_details, sizeof(struct command_details)); memcpy(&saved_command_details, command_details, sizeof(struct command_details));
@ -1019,7 +1021,7 @@ sudo_edit(struct command_details *command_details)
command_details->argv = nargv; command_details->argv = nargv;
rc = run_command(command_details); rc = run_command(command_details);
if (sudo_gettime_real(&times[1]) == -1) { if (sudo_gettime_real(&times[1]) == -1) {
sudo_warn(U_("unable to read the clock")); sudo_warn("%s", U_("unable to read the clock"));
goto cleanup; goto cleanup;
} }

16
src/tgetpass.c
View File

@ -92,13 +92,13 @@ tgetpass_display_error(enum tgetpass_errval errval)
case TGP_ERRVAL_NOERROR: case TGP_ERRVAL_NOERROR:
break; break;
case TGP_ERRVAL_TIMEOUT: case TGP_ERRVAL_TIMEOUT:
sudo_warnx(U_("timed out reading password")); sudo_warnx("%s", U_("timed out reading password"));
break; break;
case TGP_ERRVAL_NOPASSWORD: case TGP_ERRVAL_NOPASSWORD:
sudo_warnx(U_("no password was provided")); sudo_warnx("%s", U_("no password was provided"));
break; break;
case TGP_ERRVAL_READERROR: case TGP_ERRVAL_READERROR:
sudo_warn(U_("unable to read password")); sudo_warn("%s", U_("unable to read password"));
break; break;
} }
debug_return; debug_return;
@ -137,7 +137,8 @@ restart:
ttyfd = open(_PATH_TTY, O_RDWR); ttyfd = open(_PATH_TTY, O_RDWR);
if (ttyfd == -1 && !ISSET(flags, TGP_ECHO|TGP_NOECHO_TRY)) { if (ttyfd == -1 && !ISSET(flags, TGP_ECHO|TGP_NOECHO_TRY)) {
if (askpass == NULL || getenv_unhooked("DISPLAY") == NULL) { if (askpass == NULL || getenv_unhooked("DISPLAY") == NULL) {
sudo_warnx(U_("a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper")); sudo_warnx("%s",
U_("a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper"));
debug_return_str(NULL); debug_return_str(NULL);
} }
SET(flags, TGP_ASKPASS); SET(flags, TGP_ASKPASS);
@ -147,7 +148,8 @@ restart:
/* If using a helper program to get the password, run it instead. */ /* If using a helper program to get the password, run it instead. */
if (ISSET(flags, TGP_ASKPASS)) { if (ISSET(flags, TGP_ASKPASS)) {
if (askpass == NULL || *askpass == '\0') if (askpass == NULL || *askpass == '\0')
sudo_fatalx(U_("no askpass program specified, try setting SUDO_ASKPASS")); sudo_fatalx("%s",
U_("no askpass program specified, try setting SUDO_ASKPASS"));
debug_return_str_masked(sudo_askpass(askpass, prompt)); debug_return_str_masked(sudo_askpass(askpass, prompt));
} }
@ -301,11 +303,11 @@ sudo_askpass(const char *askpass, const char *prompt)
(void) sigaction(SIGCHLD, &sa, &savechld); (void) sigaction(SIGCHLD, &sa, &savechld);
if (pipe2(pfd, O_CLOEXEC) == -1) if (pipe2(pfd, O_CLOEXEC) == -1)
sudo_fatal(U_("unable to create pipe")); sudo_fatal("%s", U_("unable to create pipe"));
child = sudo_debug_fork(); child = sudo_debug_fork();
if (child == -1) if (child == -1)
sudo_fatal(U_("unable to fork")); sudo_fatal("%s", U_("unable to fork"));
if (child == 0) { if (child == 0) {
/* child, set stdout to write side of the pipe */ /* child, set stdout to write side of the pipe */

6
src/utmp.c
View File

@ -284,12 +284,12 @@ utmp_slot(const char *line, int ttyfd)
* doesn't take an argument. * doesn't take an argument.
*/ */
if ((sfd = dup(STDIN_FILENO)) == -1) if ((sfd = dup(STDIN_FILENO)) == -1)
sudo_fatal(U_("unable to save stdin")); sudo_fatal("%s", U_("unable to save stdin"));
if (dup2(ttyfd, STDIN_FILENO) == -1) if (dup2(ttyfd, STDIN_FILENO) == -1)
sudo_fatal(U_("unable to dup2 stdin")); sudo_fatal("%s", U_("unable to dup2 stdin"));
slot = ttyslot(); slot = ttyslot();
if (dup2(sfd, STDIN_FILENO) == -1) if (dup2(sfd, STDIN_FILENO) == -1)
sudo_fatal(U_("unable to restore stdin")); sudo_fatal("%s", U_("unable to restore stdin"));
close(sfd); close(sfd);
debug_return_int(slot); debug_return_int(slot);