mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-21 17:37:16 +00:00
Code Issues Releases Wiki Activity

Free existing contents of struct eventlog before overwriting.

Browse Source 
In the unlikely event that there are duplicate keys in info_msgs,
free the old string before overwriting with the new one.
This commit is contained in:
Todd C. Miller 2025-03-31 20:11:34 -06:00
parent e8695d536c
commit ce0ec8ddca
3 changed files with 32 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
logsrvd/iolog_writer.c
View File

@ -113,6 +113,20 @@ bad:
debug_return_ptr(NULL);
}
/*
* Free a NULL-terminated string vector.
*/
static void
strvec_free(char *vec[])
{
if (vec != NULL) {
char **vp;
for (vp = vec; *vp != NULL; vp++)
free(*vp);
free(vec);
}
}
/*
* Fill in eventlog details from an AcceptMessage
* Caller is responsible for freeing strings in struct eventlog.
@ -180,6 +194,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "command") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->command);
if ((evlog->command = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
@ -205,6 +220,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
case 'r':
if (strcmp(key, "runargv") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRLISTVAL)) {
strvec_free(evlog->runargv);
evlog->runargv = strlist_copy(info->u.strlistval);
if (evlog->runargv == NULL)
goto bad;
@ -213,6 +229,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "runchroot") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->runchroot);
if ((evlog->runchroot = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
@ -223,6 +240,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "runcwd") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->runcwd);
if ((evlog->runcwd = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
@ -233,6 +251,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "runenv") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRLISTVAL)) {
strvec_free(evlog->runenv);
evlog->runenv = strlist_copy(info->u.strlistval);
if (evlog->runenv == NULL)
goto bad;
@ -252,6 +271,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "rungroup") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->rungroup);
if ((evlog->rungroup = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
@ -273,6 +293,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "runuser") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->runuser);
if ((evlog->runuser = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
@ -285,6 +306,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
case 's':
if (strcmp(key, "source") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->source);
if ((evlog->source = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
@ -295,6 +317,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "submitcwd") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->cwd);
if ((evlog->cwd = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
@ -305,6 +328,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "submitenv") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRLISTVAL)) {
strvec_free(evlog->submitenv);
evlog->submitenv = strlist_copy(info->u.strlistval);
if (evlog->submitenv == NULL)
goto bad;
@ -313,6 +337,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "submitgroup") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->submitgroup);
if ((evlog->submitgroup = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
@ -323,6 +348,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "submithost") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->submithost);
if ((evlog->submithost = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
@ -333,6 +359,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
}
if (strcmp(key, "submituser") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->submituser);
if ((evlog->submituser = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
@ -345,6 +372,7 @@ evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen,
case 't':
if (strcmp(key, "ttyname") == 0) {
if (type_matches(info, source, INFO_MESSAGE__VALUE_STRVAL)) {
free(evlog->ttyname);
if ((evlog->ttyname = strdup(info->u.strval)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));

3
logsrvd/logsrvd_local.c
View File

@ -210,6 +210,7 @@ store_accept_local(AcceptMessage *msg, uint8_t *buf, size_t len,
}
} else if (closure->log_io) {
/* Sub-command from an existing session, set iolog and offset. */
free(evlog->iolog_path);
evlog->iolog_path = strdup(closure->evlog->iolog_path);
if (evlog->iolog_path == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
@ -273,6 +274,7 @@ store_reject_local(RejectMessage *msg, uint8_t *buf, size_t len,
closure->evlog = evlog;
} else if (closure->log_io) {
/* Sub-command from an existing session, set iolog and offset. */
free(evlog->iolog_path);
evlog->iolog_path = strdup(closure->evlog->iolog_path);
if (evlog->iolog_path == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
@ -412,6 +414,7 @@ store_exit_local(ExitMessage *msg, uint8_t *buf, size_t len,
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"command was killed by SIG%s%s", msg->signal,
msg->dumped_core ? " (core dumped)" : "");
free(evlog->signal_name);
evlog->signal_name = strdup(msg->signal);
if (evlog->signal_name == NULL) {
closure->errstr = _("unable to allocate memory");

1
plugins/audit_json/audit_json.c
View File

@ -141,6 +141,7 @@ audit_json_open(unsigned int version, sudo_conv_t conversation,
if (plugin_options != NULL) {
for (cur = plugin_options; (cp = *cur) != NULL; cur++) {
if (strncmp(cp, "logfile=", sizeof("logfile=") - 1) == 0) {
free(state.logfile);
state.logfile = strdup(cp + sizeof("logfile=") - 1);
if (state.logfile == NULL)
goto oom;