diff --git a/lib/util/event.c b/lib/util/event.c index d2a6c8c6a..41927702d 100644 --- a/lib/util/event.c +++ b/lib/util/event.c @@ -826,10 +826,9 @@ sudo_ev_get_timeleft_v2(struct sudo_event *ev, struct timespec *ts) { debug_decl(sudo_ev_get_timeleft, SUDO_DEBUG_EVENT); - if (sudo_ev_pending_v1(ev, SUDO_EV_TIMEOUT, ts) != SUDO_EV_TIMEOUT) { - sudo_timespecclear(ts); + sudo_timespecclear(ts); + if (sudo_ev_pending_v1(ev, SUDO_EV_TIMEOUT, ts) != SUDO_EV_TIMEOUT) debug_return_int(-1); - } debug_return_int(0); } @@ -846,6 +845,7 @@ sudo_ev_pending_v1(struct sudo_event *ev, short events, struct timespec *ts) debug_return_int(0); ret = ev->events & events; + CLR(ret, SUDO_EV_TIMEOUT); if (ISSET(ev->flags, SUDO_EVQ_TIMEOUTS) && ISSET(events, SUDO_EV_TIMEOUT)) { ret |= SUDO_EV_TIMEOUT; if (ts != NULL) { diff --git a/plugins/sudoers/cvtsudoers_pwutil.c b/plugins/sudoers/cvtsudoers_pwutil.c index 47c487679..a7b163e91 100644 --- a/plugins/sudoers/cvtsudoers_pwutil.c +++ b/plugins/sudoers/cvtsudoers_pwutil.c @@ -58,6 +58,8 @@ do { \ if ((src)->name) { \ size = strlen((src)->name) + 1; \ total += size; \ + } else { \ + size = 0; \ } \ } while (0) @@ -65,7 +67,7 @@ do { \ do { \ if ((src)->name) { \ memcpy(cp, (src)->name, size); \ - (dst)->name = cp; \ + (dst)->name = cp; \ cp += size; \ } \ } while (0) @@ -81,7 +83,10 @@ struct cache_item * cvtsudoers_make_pwitem(uid_t uid, const char *name) { char *cp, uidstr[MAX_UID_T_LEN + 2]; - size_t nsize, psize, csize, gsize, dsize, ssize, total; + size_t nsize, psize, gsize, dsize, ssize, total; +#ifdef HAVE_LOGIN_CAP_H + size_t csize; +#endif struct cache_item_pw *pwitem; struct passwd pw, *newpw; struct sudoers_string *s = NULL; @@ -128,7 +133,6 @@ cvtsudoers_make_pwitem(uid_t uid, const char *name) pw.pw_dir = "/"; /* Allocate in one big chunk for easy freeing. */ - nsize = psize = csize = gsize = dsize = ssize = 0; total = sizeof(*pwitem); FIELD_SIZE(&pw, pw_name, nsize); FIELD_SIZE(&pw, pw_passwd, psize); @@ -188,7 +192,7 @@ struct cache_item * cvtsudoers_make_gritem(gid_t gid, const char *name) { char *cp, gidstr[MAX_UID_T_LEN + 2]; - size_t nsize, psize, nmem, total, len; + size_t nsize, psize, total, len, nmem = 0; struct cache_item_gr *gritem; struct group gr, *newgr; struct sudoers_string *s = NULL; @@ -231,7 +235,6 @@ cvtsudoers_make_gritem(gid_t gid, const char *name) gr.gr_gid = gid; /* Allocate in one big chunk for easy freeing. */ - nsize = psize = nmem = 0; total = sizeof(*gritem); FIELD_SIZE(&gr, gr_name, nsize); FIELD_SIZE(&gr, gr_passwd, psize); diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c index 2c477e814..a72b3de22 100644 --- a/plugins/sudoers/defaults.c +++ b/plugins/sudoers/defaults.c @@ -199,7 +199,7 @@ find_default(const char *name, const char *file, int lineno, bool quiet) */ static bool parse_default_entry(struct sudo_defs_types *def, const char *val, int op, - union sudo_defs_val *sd_un, const char *file, int lineno, bool quiet) + const char *file, int lineno, bool quiet) { int rc; debug_decl(parse_default_entry, SUDOERS_DEBUG_DEFAULTS); @@ -243,10 +243,10 @@ parse_default_entry(struct sudo_defs_types *def, const char *val, int op, switch (def->type & T_MASK) { case T_LOGFAC: - rc = store_syslogfac(val, sd_un); + rc = store_syslogfac(val, &def->sd_un); break; case T_LOGPRI: - rc = store_syslogpri(val, sd_un); + rc = store_syslogpri(val, &def->sd_un); break; case T_STR: if (ISSET(def->type, T_PATH) && val != NULL && *val != '/') { @@ -262,16 +262,16 @@ parse_default_entry(struct sudo_defs_types *def, const char *val, int op, rc = -1; break; } - rc = store_str(val, sd_un); + rc = store_str(val, &def->sd_un); break; case T_INT: - rc = store_int(val, sd_un); + rc = store_int(val, &def->sd_un); break; case T_UINT: - rc = store_uint(val, sd_un); + rc = store_uint(val, &def->sd_un); break; case T_MODE: - rc = store_mode(val, sd_un); + rc = store_mode(val, &def->sd_un); break; case T_FLAG: if (val != NULL) { @@ -287,20 +287,20 @@ parse_default_entry(struct sudo_defs_types *def, const char *val, int op, rc = -1; break; } - sd_un->flag = op; + def->sd_un.flag = op; rc = true; break; case T_LIST: - rc = store_list(val, sd_un, op); + rc = store_list(val, &def->sd_un, op); break; case T_TIMEOUT: - rc = store_timeout(val, sd_un); + rc = store_timeout(val, &def->sd_un); break; case T_TUPLE: - rc = store_tuple(val, sd_un, def->values); + rc = store_tuple(val, &def->sd_un, def->values); break; case T_TIMESPEC: - rc = store_timespec(val, sd_un); + rc = store_timespec(val, &def->sd_un); break; default: if (!quiet) { @@ -371,7 +371,7 @@ set_default(const char *var, const char *val, int op, const char *file, if (idx != -1) { /* Set parsed value in sudo_defs_table and run callback (if any). */ struct sudo_defs_types *def = &sudo_defs_table[idx]; - if (parse_default_entry(def, val, op, &def->sd_un, file, lineno, quiet)) + if (parse_default_entry(def, val, op, file, lineno, quiet)) debug_return_bool(run_callback(def)); } debug_return_bool(false); @@ -392,7 +392,7 @@ set_early_default(const char *var, const char *val, int op, const char *file, if (idx != -1) { /* Set parsed value in sudo_defs_table but defer callback (if any). */ struct sudo_defs_types *def = &sudo_defs_table[idx]; - if (parse_default_entry(def, val, op, &def->sd_un, file, lineno, quiet)) { + if (parse_default_entry(def, val, op, file, lineno, quiet)) { early->run_callback = true; debug_return_bool(true); } @@ -776,12 +776,11 @@ check_defaults(struct sudoers_parse_tree *parse_tree, bool quiet) TAILQ_FOREACH(d, &parse_tree->defaults, entries) { idx = find_default(d->var, d->file, d->lineno, quiet); if (idx != -1) { - struct sudo_defs_types *def = &sudo_defs_table[idx]; - union sudo_defs_val sd_un; - memset(&sd_un, 0, sizeof(sd_un)); - if (parse_default_entry(def, d->val, d->op, &sd_un, d->file, + struct sudo_defs_types def = sudo_defs_table[idx]; + memset(&def.sd_un, 0, sizeof(def.sd_un)); + if (parse_default_entry(&def, d->val, d->op, d->file, d->lineno, quiet)) { - free_defs_val(def->type, &sd_un); + free_defs_val(def.type, &def.sd_un); continue; } } diff --git a/plugins/sudoers/linux_audit.c b/plugins/sudoers/linux_audit.c index 3fe1ff0c6..89e5e1021 100644 --- a/plugins/sudoers/linux_audit.c +++ b/plugins/sudoers/linux_audit.c @@ -66,7 +66,7 @@ int linux_audit_command(char *const argv[], int result) { int au_fd, rc = -1; - char *command, *cp; + char *cp, *command = NULL; char * const *av; size_t size, n; debug_decl(linux_audit_command, SUDOERS_DEBUG_AUDIT); @@ -78,7 +78,8 @@ linux_audit_command(char *const argv[], int result) /* Convert argv to a flat string. */ for (size = 0, av = argv; *av != NULL; av++) size += strlen(*av) + 1; - command = malloc(size); + if (size != 0) + command = malloc(size); if (command == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); goto done; diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c index 88e3cd3d2..81da0f788 100644 --- a/plugins/sudoers/logging.c +++ b/plugins/sudoers/logging.c @@ -786,7 +786,7 @@ send_mail(const char *fmt, ...) break; case 0: /* Child. */ - switch (pid = fork()) { + switch (fork()) { case -1: /* Error. */ mysyslog(LOG_ERR, _("unable to fork: %m")); diff --git a/plugins/sudoers/pwutil.c b/plugins/sudoers/pwutil.c index 19d8005d0..720939602 100644 --- a/plugins/sudoers/pwutil.c +++ b/plugins/sudoers/pwutil.c @@ -856,7 +856,6 @@ int sudo_set_grlist(struct passwd *pw, char * const *groups) { struct cache_item key, *item; - struct rbnode *node; debug_decl(sudo_set_grlist, SUDOERS_DEBUG_NSS); if (grlist_cache == NULL) { @@ -872,7 +871,7 @@ sudo_set_grlist(struct passwd *pw, char * const *groups) */ key.k.name = pw->pw_name; getauthregistry(NULL, key.registry); - if ((node = rbfind(grlist_cache, &key)) == NULL) { + if (rbfind(grlist_cache, &key) == NULL) { if ((item = make_grlist_item(pw, groups)) == NULL) { sudo_warnx(U_("unable to parse groups for %s"), pw->pw_name); debug_return_int(-1); @@ -958,7 +957,6 @@ int sudo_set_gidlist(struct passwd *pw, char * const *gids, unsigned int type) { struct cache_item key, *item; - struct rbnode *node; debug_decl(sudo_set_gidlist, SUDOERS_DEBUG_NSS); if (gidlist_cache == NULL) { @@ -975,7 +973,7 @@ sudo_set_gidlist(struct passwd *pw, char * const *gids, unsigned int type) key.k.name = pw->pw_name; key.type = type; getauthregistry(NULL, key.registry); - if ((node = rbfind(gidlist_cache, &key)) == NULL) { + if (rbfind(gidlist_cache, &key) == NULL) { if ((item = make_gidlist_item(pw, gids, type)) == NULL) { sudo_warnx(U_("unable to parse gids for %s"), pw->pw_name); debug_return_int(-1); diff --git a/plugins/sudoers/pwutil_impl.c b/plugins/sudoers/pwutil_impl.c index 363fd16b4..2e39e0802 100644 --- a/plugins/sudoers/pwutil_impl.c +++ b/plugins/sudoers/pwutil_impl.c @@ -54,6 +54,8 @@ do { \ if (src->name) { \ size = strlen(src->name) + 1; \ total += size; \ + } else { \ + size = 0; \ } \ } while (0) @@ -78,7 +80,10 @@ sudo_make_pwitem(uid_t uid, const char *name) { char *cp; const char *pw_shell; - size_t nsize, psize, csize, gsize, dsize, ssize, total; + size_t nsize, psize, gsize, dsize, ssize, total; +#ifdef HAVE_LOGIN_CAP_H + size_t csize; +#endif struct cache_item_pw *pwitem; struct passwd *pw, *newpw; debug_decl(sudo_make_pwitem, SUDOERS_DEBUG_NSS); @@ -95,7 +100,6 @@ sudo_make_pwitem(uid_t uid, const char *name) ? _PATH_BSHELL : pw->pw_shell; /* Allocate in one big chunk for easy freeing. */ - nsize = psize = csize = gsize = dsize = ssize = 0; total = sizeof(*pwitem); FIELD_SIZE(pw, pw_name, nsize); FIELD_SIZE(pw, pw_passwd, psize); @@ -160,7 +164,7 @@ struct cache_item * sudo_make_gritem(gid_t gid, const char *name) { char *cp; - size_t nsize, psize, nmem, total, len; + size_t nsize, psize, total, len, nmem = 0; struct cache_item_gr *gritem; struct group *gr, *newgr; debug_decl(sudo_make_gritem, SUDOERS_DEBUG_NSS); @@ -173,7 +177,6 @@ sudo_make_gritem(gid_t gid, const char *name) } /* Allocate in one big chunk for easy freeing. */ - nsize = psize = nmem = 0; total = sizeof(*gritem); FIELD_SIZE(gr, gr_name, nsize); FIELD_SIZE(gr, gr_passwd, psize); diff --git a/src/selinux.c b/src/selinux.c index 4a0f4524c..5f74c81cc 100644 --- a/src/selinux.c +++ b/src/selinux.c @@ -480,6 +480,10 @@ selinux_execve(int fd, const char *path, char *const argv[], char *envp[], */ for (argc = 0; argv[argc] != NULL; argc++) continue; + if (argc == 0) { + errno = EINVAL; + debug_return; + } nargv = reallocarray(NULL, argc + 3, sizeof(char *)); if (nargv == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));