diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 02:23:56 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 02:23:56 +0000 |
commit | 9620f76a210d9d8c1aaff25e99d6dc513f87e6e9 (patch) | |
tree | ceecc90fb95780872c35da764c5163f38e4727c4 /plugins/sudoers/prompt.c | |
parent | Initial commit. (diff) | |
download | sudo-9620f76a210d9d8c1aaff25e99d6dc513f87e6e9.tar.xz sudo-9620f76a210d9d8c1aaff25e99d6dc513f87e6e9.zip |
Adding upstream version 1.8.27.upstream/1.8.27upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'plugins/sudoers/prompt.c')
-rw-r--r-- | plugins/sudoers/prompt.c | 168 |
1 files changed, 168 insertions, 0 deletions
diff --git a/plugins/sudoers/prompt.c b/plugins/sudoers/prompt.c new file mode 100644 index 0000000..d79d7d5 --- /dev/null +++ b/plugins/sudoers/prompt.c @@ -0,0 +1,168 @@ +/* + * Copyright (c) 1993-1996,1998-2005, 2007-2015 + * Todd C. Miller <Todd.Miller@sudo.ws> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + * Sponsored in part by the Defense Advanced Research Projects + * Agency (DARPA) and Air Force Research Laboratory, Air Force + * Materiel Command, USAF, under agreement number F39502-99-1-0512. + */ + +/* + * This is an open source non-commercial project. Dear PVS-Studio, please check it. + * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com + */ + +#include <config.h> + +#include <sys/types.h> +#include <stdio.h> +#include <stdlib.h> +#ifdef HAVE_STRING_H +# include <string.h> +#endif /* HAVE_STRING_H */ +#ifdef HAVE_STRINGS_H +# include <strings.h> +#endif /* HAVE_STRINGS_H */ +#include <pwd.h> +#include <grp.h> + +#include "sudoers.h" + +/* + * Expand %h and %u escapes (if present) in the prompt and pass back + * the dynamically allocated result. + */ +char * +expand_prompt(const char *old_prompt, const char *auth_user) +{ + size_t len, n; + int subst; + const char *p; + char *np, *new_prompt, *endp; + debug_decl(expand_prompt, SUDOERS_DEBUG_AUTH) + + /* How much space do we need to malloc for the prompt? */ + subst = 0; + for (p = old_prompt, len = strlen(old_prompt); *p; p++) { + if (p[0] =='%') { + switch (p[1]) { + case 'h': + p++; + len += strlen(user_shost) - 2; + subst = 1; + break; + case 'H': + p++; + len += strlen(user_host) - 2; + subst = 1; + break; + case 'p': + p++; + len += strlen(auth_user) - 2; + subst = 1; + break; + case 'u': + p++; + len += strlen(user_name) - 2; + subst = 1; + break; + case 'U': + p++; + len += strlen(runas_pw->pw_name) - 2; + subst = 1; + break; + case '%': + p++; + len--; + subst = 1; + break; + default: + break; + } + } + } + + if ((new_prompt = malloc(++len)) == NULL) { + sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); + debug_return_str(NULL); + } + + if (subst) { + endp = new_prompt + len; + for (p = old_prompt, np = new_prompt; *p; p++) { + if (p[0] =='%') { + switch (p[1]) { + case 'h': + p++; + n = strlcpy(np, user_shost, np - endp); + if (n >= (size_t)(np - endp)) + goto oflow; + np += n; + continue; + case 'H': + p++; + n = strlcpy(np, user_host, np - endp); + if (n >= (size_t)(np - endp)) + goto oflow; + np += n; + continue; + case 'p': + p++; + n = strlcpy(np, auth_user, np - endp); + if (n >= (size_t)(np - endp)) + goto oflow; + np += n; + continue; + case 'u': + p++; + n = strlcpy(np, user_name, np - endp); + if (n >= (size_t)(np - endp)) + goto oflow; + np += n; + continue; + case 'U': + p++; + n = strlcpy(np, runas_pw->pw_name, np - endp); + if (n >= (size_t)(np - endp)) + goto oflow; + np += n; + continue; + case '%': + /* convert %% -> % */ + p++; + break; + default: + /* no conversion */ + break; + } + } + *np++ = *p; + if (np >= endp) + goto oflow; + } + *np = '\0'; + } else { + /* Nothing to expand. */ + memcpy(new_prompt, old_prompt, len); /* len includes NUL */ + } + + debug_return_str(new_prompt); + +oflow: + /* We pre-allocate enough space, so this should never happen. */ + free(new_prompt); + sudo_warnx(U_("internal error, %s overflow"), __func__); + debug_return_str(NULL); +} |