From b3b80fe6df4583bef9b5e1444fa9800c3ed5bf32 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Thu, 25 Feb 2021 15:02:09 -0700
Subject: [PATCH] Implement sudoers_policy_deregister_hooks()
 Register/deregister hooks in fuzz_policy and also call show_version().

---
 plugins/sudoers/defaults.c                 |  2 --
 plugins/sudoers/policy.c                   | 19 +++++++++++++++++++
 plugins/sudoers/regress/fuzz/fuzz_policy.c | 12 ++++++++++++
 3 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c
index bcff977c2..4c37f77c9 100644
--- a/plugins/sudoers/defaults.c
+++ b/plugins/sudoers/defaults.c
@@ -81,7 +81,6 @@ static bool valid_path(struct sudo_defs_types *def, const char *val, const char
 void
 dump_defaults(void)
 {
-#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
     struct sudo_defs_types *cur;
     struct list_member *item;
     struct def_values *def;
@@ -165,7 +164,6 @@ dump_defaults(void)
 	}
     }
     debug_return;
-#endif /* FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION */
 }
 
 /*
diff --git a/plugins/sudoers/policy.c b/plugins/sudoers/policy.c
index 94537eafd..43441fe9d 100644
--- a/plugins/sudoers/policy.c
+++ b/plugins/sudoers/policy.c
@@ -1193,6 +1193,24 @@ sudoers_policy_register_hooks(int version, int (*register_hook)(struct sudo_hook
     }
 }
 
+/*
+ * De-register environment function hooks.
+ */
+static void
+sudoers_policy_deregister_hooks(int version, int (*deregister_hook)(struct sudo_hook *hook))
+{
+    struct sudo_hook *hook;
+
+    for (hook = sudoers_hooks; hook->hook_fn != NULL; hook++) {
+	if (deregister_hook(hook) != 0) {
+	    sudo_warn_nodebug(
+		U_("unable to deregister hook of type %d (version %d.%d)"),
+		hook->hook_type, SUDO_API_VERSION_GET_MAJOR(hook->hook_version),
+		SUDO_API_VERSION_GET_MINOR(hook->hook_version));
+	}
+    }
+}
+
 sudo_dso_public struct policy_plugin sudoers_policy = {
     SUDO_POLICY_PLUGIN,
     SUDO_API_VERSION,
@@ -1205,5 +1223,6 @@ sudo_dso_public struct policy_plugin sudoers_policy = {
     sudoers_policy_invalidate,
     sudoers_policy_init_session,
     sudoers_policy_register_hooks,
+    sudoers_policy_deregister_hooks,
     NULL /* event_alloc() filled in by sudo */
 };
diff --git a/plugins/sudoers/regress/fuzz/fuzz_policy.c b/plugins/sudoers/regress/fuzz/fuzz_policy.c
index f95915c0c..25c828186 100644
--- a/plugins/sudoers/regress/fuzz/fuzz_policy.c
+++ b/plugins/sudoers/regress/fuzz/fuzz_policy.c
@@ -134,6 +134,12 @@ fuzz_printf(int msg_type, const char *fmt, ...)
     return 0;
 }
 
+int
+fuzz_hook_stub(struct sudo_hook *hook)
+{
+    return 0;
+}
+
 int
 LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 {
@@ -270,6 +276,8 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
     free(line);
     line = NULL;
 
+    sudoers_policy.register_hooks(SUDO_API_VERSION, fuzz_hook_stub);
+
     for (i = 0; i < num_checks; i++) {
 	/* Call policy open function */
 	res = sudoers_policy.open(SUDO_API_VERSION, fuzz_conversation, fuzz_printf,
@@ -279,6 +287,9 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 	switch (res) {
 	case 1:
 	    /* success */
+	    if (i == 0)
+		sudoers_policy.show_version(true);
+
 	    if (argv.len == 0) {
 		/* Must have a command to check. */
 		push(&argv, "/usr/bin/id");
@@ -318,6 +329,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 	env_init(NULL);
     }
 
+    sudoers_policy.deregister_hooks(SUDO_API_VERSION, fuzz_hook_stub);
     sudoers_gc_run();
 
     free_dynamic_array(&plugin_args);