summaryrefslogtreecommitdiffstats
path: root/plugins/sudoers/serialize_list.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/sudoers/serialize_list.c')
-rw-r--r--plugins/sudoers/serialize_list.c82
1 files changed, 82 insertions, 0 deletions
diff --git a/plugins/sudoers/serialize_list.c b/plugins/sudoers/serialize_list.c
new file mode 100644
index 0000000..11d2c28
--- /dev/null
+++ b/plugins/sudoers/serialize_list.c
@@ -0,0 +1,82 @@
+/*
+ * SPDX-License-Identifier: ISC
+ *
+ * Copyright (c) 2019, 2022 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <sudoers.h>
+
+/*
+ * Convert struct list_members to a comma-separated string with
+ * the given variable name. Escapes backslashes and commas.
+ */
+char *
+serialize_list(const char *varname, struct list_members *members)
+{
+ struct list_member *lm, *next;
+ size_t len, result_size;
+ char *cp, *result;
+ debug_decl(serialize_list, SUDOERS_DEBUG_PLUGIN);
+
+ result_size = strlen(varname) + 1;
+ SLIST_FOREACH(lm, members, entries) {
+ for (cp = lm->value; *cp != '\0'; cp++) {
+ result_size++;
+ if (*cp == '\\' || *cp == ',')
+ result_size++;
+ }
+ result_size++;
+ }
+ if ((result = malloc(result_size)) == NULL)
+ goto bad;
+ /* No need to check len for overflow here. */
+ len = strlcpy(result, varname, result_size);
+ result[len++] = '=';
+ SLIST_FOREACH_SAFE(lm, members, entries, next) {
+ for (cp = lm->value; *cp != '\0'; cp++) {
+ bool escape = (*cp == '\\' || *cp == ',');
+ if (len + 1 + escape >= result_size) {
+ sudo_warnx(U_("internal error, %s overflow"), __func__);
+ goto bad;
+ }
+ if (escape)
+ result[len++] = '\\';
+ result[len++] = *cp;
+ }
+ if (next != NULL) {
+ if (len + 1 >= result_size) {
+ sudo_warnx(U_("internal error, %s overflow"), __func__);
+ goto bad;
+ }
+ result[len++] = ',';
+ }
+ result[len] = '\0';
+ }
+ debug_return_str(result);
+bad:
+ free(result);
+ debug_return_str(NULL);
+}