From a2998a6701c694b0cf750e91ec44ce72a7601920 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 9 Nov 2023 15:31:26 -0700 Subject: [PATCH] alias_apply: change return type to bool We can use the rbapply() return value to detect failure. --- plugins/sudoers/alias.c | 8 +++++--- plugins/sudoers/check_aliases.c | 6 ++++-- plugins/sudoers/cvtsudoers.c | 12 ++++-------- plugins/sudoers/cvtsudoers_csv.c | 12 ++++++++---- plugins/sudoers/parse.h | 2 +- plugins/sudoers/testsudoers.c | 4 +--- 6 files changed, 23 insertions(+), 21 deletions(-) diff --git a/plugins/sudoers/alias.c b/plugins/sudoers/alias.c index ab01d4d2b..c2d1be5fd 100644 --- a/plugins/sudoers/alias.c +++ b/plugins/sudoers/alias.c @@ -177,22 +177,24 @@ alias_apply_func(void *v1, void *v2) /* * Apply a function to each alias entry and pass in a cookie. */ -void +bool alias_apply(struct sudoers_parse_tree *parse_tree, int (*func)(struct sudoers_parse_tree *, struct alias *, void *), void *cookie) { struct alias_apply_closure closure; + bool ret = true; debug_decl(alias_apply, SUDOERS_DEBUG_ALIAS); if (parse_tree->aliases != NULL) { closure.parse_tree = parse_tree; closure.func = func; closure.cookie = cookie; - rbapply(parse_tree->aliases, alias_apply_func, &closure, inorder); + if (rbapply(parse_tree->aliases, alias_apply_func, &closure, inorder) != 0) + ret = false; } - debug_return; + debug_return_bool(ret); } /* diff --git a/plugins/sudoers/check_aliases.c b/plugins/sudoers/check_aliases.c index 871969890..53008379d 100644 --- a/plugins/sudoers/check_aliases.c +++ b/plugins/sudoers/check_aliases.c @@ -179,8 +179,10 @@ check_aliases(struct sudoers_parse_tree *parse_tree, bool strict, bool quiet, free_aliases(used_aliases); /* If all aliases were referenced we will have an empty tree. */ - if (!no_aliases(parse_tree)) - alias_apply(parse_tree, cb_unused, &quiet); + if (!no_aliases(parse_tree)) { + if (!alias_apply(parse_tree, cb_unused, &quiet)) + errors++; + } debug_return_int(strict ? errors : 0); } diff --git a/plugins/sudoers/cvtsudoers.c b/plugins/sudoers/cvtsudoers.c index e1db214bc..5d6b48a28 100644 --- a/plugins/sudoers/cvtsudoers.c +++ b/plugins/sudoers/cvtsudoers.c @@ -98,7 +98,7 @@ static unsigned int cvtsudoers_parse_suppression(char *expression); static void filter_userspecs(struct sudoers_parse_tree *parse_tree, struct cvtsudoers_config *conf); static void filter_defaults(struct sudoers_parse_tree *parse_tree, struct cvtsudoers_config *conf); static void alias_remove_unused(struct sudoers_parse_tree *parse_tree); -static void alias_prune(struct sudoers_parse_tree *parse_tree, struct cvtsudoers_config *conf); +static bool alias_prune(struct sudoers_parse_tree *parse_tree, struct cvtsudoers_config *conf); sudo_noreturn static void help(void); sudo_noreturn static void usage(void); @@ -1078,9 +1078,7 @@ print_aliases_sudoers(struct sudoers_parse_tree *parse_tree, { debug_decl(print_aliases_sudoers, SUDOERS_DEBUG_UTIL); - alias_apply(parse_tree, print_alias_sudoers, lbuf); - - debug_return_bool(!sudo_lbuf_error(lbuf)); + debug_return_bool(alias_apply(parse_tree, print_alias_sudoers, lbuf)); } static FILE *output_fp; /* global for convert_sudoers_output */ @@ -1432,15 +1430,13 @@ alias_prune_helper(struct sudoers_parse_tree *parse_tree, struct alias *a, /* * Prune out non-matching entries from within aliases. */ -static void +static bool alias_prune(struct sudoers_parse_tree *parse_tree, struct cvtsudoers_config *conf) { debug_decl(alias_prune, SUDOERS_DEBUG_ALIAS); - alias_apply(parse_tree, alias_prune_helper, conf); - - debug_return; + debug_return_bool(alias_apply(parse_tree, alias_prune_helper, conf)); } /* diff --git a/plugins/sudoers/cvtsudoers_csv.c b/plugins/sudoers/cvtsudoers_csv.c index d5cb6a54a..4749e748a 100644 --- a/plugins/sudoers/cvtsudoers_csv.c +++ b/plugins/sudoers/cvtsudoers_csv.c @@ -388,13 +388,13 @@ print_alias_csv(struct sudoers_parse_tree *parse_tree, struct alias *a, void *v) title = alias_type_to_string(a->type); if (title == NULL) { sudo_warnx("unexpected alias type %d", a->type); - debug_return_int(0); + debug_return_int(-1); } fprintf(fp, "%s,%s,", title, a->name); print_member_list_csv(fp, parse_tree, &a->members, false, a->type, false); putc('\n', fp); - debug_return_int(0); + debug_return_int(ferror(fp)); } /* @@ -403,6 +403,7 @@ print_alias_csv(struct sudoers_parse_tree *parse_tree, struct alias *a, void *v) static bool print_aliases_csv(FILE *fp, const struct sudoers_parse_tree *parse_tree) { + bool ret; debug_decl(print_aliases_csv, SUDOERS_DEBUG_UTIL); if (TAILQ_EMPTY(&parse_tree->defaults)) @@ -412,10 +413,13 @@ print_aliases_csv(FILE *fp, const struct sudoers_parse_tree *parse_tree) fputs("alias_type,alias_name,members\n", fp); /* print_alias_csv() does not modify parse_tree. */ - alias_apply((struct sudoers_parse_tree *)parse_tree, print_alias_csv, fp); + ret = alias_apply((struct sudoers_parse_tree *)parse_tree, + print_alias_csv, fp); putc('\n', fp); + if (ferror(fp)) + ret = false; - debug_return_bool(true); + debug_return_bool(ret); } /* diff --git a/plugins/sudoers/parse.h b/plugins/sudoers/parse.h index 0764c5450..d14bdcb76 100644 --- a/plugins/sudoers/parse.h +++ b/plugins/sudoers/parse.h @@ -388,7 +388,7 @@ const char *alias_type_to_string(short alias_type); struct alias *alias_get(const struct sudoers_parse_tree *parse_tree, const char *name, short type); struct alias *alias_remove(struct sudoers_parse_tree *parse_tree, const char *name, short type); bool alias_find_used(struct sudoers_parse_tree *parse_tree, struct rbtree *used_aliases); -void alias_apply(struct sudoers_parse_tree *parse_tree, int (*func)(struct sudoers_parse_tree *, struct alias *, void *), void *cookie); +bool alias_apply(struct sudoers_parse_tree *parse_tree, int (*func)(struct sudoers_parse_tree *, struct alias *, void *), void *cookie); void alias_free(void *a); void alias_put(struct alias *a); diff --git a/plugins/sudoers/testsudoers.c b/plugins/sudoers/testsudoers.c index 2ebd7b459..f79a0bfa5 100644 --- a/plugins/sudoers/testsudoers.c +++ b/plugins/sudoers/testsudoers.c @@ -715,9 +715,7 @@ print_aliases(struct sudo_lbuf *lbuf) { debug_decl(print_aliases, SUDOERS_DEBUG_UTIL); - alias_apply(&parsed_policy, print_alias, lbuf); - - debug_return_bool(!sudo_lbuf_error(lbuf)); + debug_return_bool(alias_apply(&parsed_policy, print_alias, lbuf)); } static void