diff options
Diffstat (limited to 'plugins/sudoers/serialize_list.c')
-rw-r--r-- | plugins/sudoers/serialize_list.c | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/plugins/sudoers/serialize_list.c b/plugins/sudoers/serialize_list.c new file mode 100644 index 0000000..11d2c28 --- /dev/null +++ b/plugins/sudoers/serialize_list.c @@ -0,0 +1,82 @@ +/* + * SPDX-License-Identifier: ISC + * + * Copyright (c) 2019, 2022 Todd C. Miller <Todd.Miller@sudo.ws> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * This is an open source non-commercial project. Dear PVS-Studio, please check it. + * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com + */ + +#include <config.h> + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <sudoers.h> + +/* + * Convert struct list_members to a comma-separated string with + * the given variable name. Escapes backslashes and commas. + */ +char * +serialize_list(const char *varname, struct list_members *members) +{ + struct list_member *lm, *next; + size_t len, result_size; + char *cp, *result; + debug_decl(serialize_list, SUDOERS_DEBUG_PLUGIN); + + result_size = strlen(varname) + 1; + SLIST_FOREACH(lm, members, entries) { + for (cp = lm->value; *cp != '\0'; cp++) { + result_size++; + if (*cp == '\\' || *cp == ',') + result_size++; + } + result_size++; + } + if ((result = malloc(result_size)) == NULL) + goto bad; + /* No need to check len for overflow here. */ + len = strlcpy(result, varname, result_size); + result[len++] = '='; + SLIST_FOREACH_SAFE(lm, members, entries, next) { + for (cp = lm->value; *cp != '\0'; cp++) { + bool escape = (*cp == '\\' || *cp == ','); + if (len + 1 + escape >= result_size) { + sudo_warnx(U_("internal error, %s overflow"), __func__); + goto bad; + } + if (escape) + result[len++] = '\\'; + result[len++] = *cp; + } + if (next != NULL) { + if (len + 1 >= result_size) { + sudo_warnx(U_("internal error, %s overflow"), __func__); + goto bad; + } + result[len++] = ','; + } + result[len] = '\0'; + } + debug_return_str(result); +bad: + free(result); + debug_return_str(NULL); +} |