#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
#ifdef HAVE_LOGIN_CAP_H
# include <login_cap.h>
# ifndef LOGIN_SETENV
#endif /* HAVE_LOGIN_CAP_H */
#include <ctype.h>
#include <errno.h>
+#include <limits.h>
#include <pwd.h>
#include "sudoers.h"
+/*
+ * If there is no SIZE_MAX or SIZE_T_MAX we have to assume that size_t
+ * could be signed (as it is on SunOS 4.x). This just means that
+ * emalloc2() and erealloc3() cannot allocate huge amounts on such a
+ * platform but that is OK since sudo doesn't need to do so anyway.
+ */
+#ifndef SIZE_MAX
+# ifdef SIZE_T_MAX
+# define SIZE_MAX SIZE_T_MAX
+# else
+# define SIZE_MAX INT_MAX
+# endif /* SIZE_T_MAX */
+#endif /* SIZE_MAX */
+
/*
* Flags used in rebuild_env()
*/
memset(env.envp, 0, env.env_size * sizeof(char *));
#endif
memcpy(env.envp, envp, len * sizeof(char *));
- env.envp[len] = '\0';
+ env.envp[len] = NULL;
/* Free the old envp we allocated, if any. */
if (env.old_envp != NULL)
bool found = false;
/* Make sure there is room for the new entry plus a NULL. */
- if (env.env_len + 2 > env.env_size) {
+ if (env.env_size > 2 && env.env_len > env.env_size - 2) {
char **nenvp;
- size_t nsize = env.env_size + 128;
- nenvp = env.envp ? realloc(env.envp, nsize * sizeof(char *)) :
- malloc(nsize * sizeof(char *));
+ size_t nsize;
+
+ if (env.env_size > SIZE_MAX - 128) {
+ errorx2(1, _("internal error, %s overflow"),
+ "sudo_putenv_nodebug()");
+ }
+ nsize = env.env_size + 128;
+ if (nsize > SIZE_MAX / sizeof(char *)) {
+ errorx2(1, _("internal error, %s overflow"),
+ "sudo_putenv_nodebug()");
+ }
+ nenvp = realloc(env.envp, nsize * sizeof(char *));
if (nenvp == NULL) {
errno = ENOMEM;
return -1;
if (dupcheck) {
len = (strchr(str, '=') - str) + 1;
- for (ep = env.envp; !found && *ep != NULL; ep++) {
+ for (ep = env.envp; *ep != NULL; ep++) {
if (strncmp(str, *ep, len) == 0) {
if (overwrite)
*ep = str;
found = true;
+ break;
}
}
- /* Prune out duplicate variables. */
+ /* Prune out extra instances of the variable we just overwrote. */
if (found && overwrite) {
- while (*ep != NULL) {
+ while (*++ep != NULL) {
if (strncmp(str, *ep, len) == 0) {
char **cur = ep;
while ((*cur = *(cur + 1)) != NULL)
cur++;
- } else {
- ep++;
+ ep--;
}
}
env.env_len = ep - env.envp;
int rval;
debug_decl(sudo_putenv, SUDO_DEBUG_ENV)
+ sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_putenv: %s", str);
+
rval = sudo_putenv_nodebug(str, dupcheck, overwrite);
if (rval == -1) {
#ifdef ENV_DEBUG
{
char *estring;
size_t esize;
+ int rval;
debug_decl(sudo_setenv2, SUDO_DEBUG_ENV)
esize = strlen(var) + 1 + strlen(val) + 1;
strlcat(estring, "=", esize) >= esize ||
strlcat(estring, val, esize) >= esize) {
- errorx(1, _("internal error, sudo_setenv2() overflow"));
+ errorx(1, _("internal error, %s overflow"), "sudo_setenv2()");
}
- debug_return_int(sudo_putenv(estring, dupcheck, overwrite));
+ rval = sudo_putenv(estring, dupcheck, overwrite);
+ if (rval == -1)
+ efree(estring);
+ debug_return_int(rval);
}
/*
{
char *estring;
size_t esize;
+ int rval = -1;
esize = strlen(var) + 1 + strlen(val) + 1;
if ((estring = malloc(esize)) == NULL) {
errno = ENOMEM;
- return -1;
+ goto done;
}
/* Build environment string and insert it. */
strlcat(estring, val, esize) >= esize) {
errno = EINVAL;
- return -1;
+ goto done;
}
- return sudo_putenv_nodebug(estring, true, overwrite);
+ rval = sudo_putenv_nodebug(estring, true, overwrite);
+done:
+ if (rval == -1)
+ efree(estring);
+ return rval;
}
/*
rval = sudo_setenv_nodebug(var, val, overwrite);
if (rval == -1) {
if (errno == EINVAL)
- errorx(1, _("internal error, sudo_setenv() overflow"));
+ errorx(1, _("internal error, %s overflow"), "sudo_setenv()");
errorx(1, _("unable to allocate memory"));
}
debug_return_int(rval);
int rval;
debug_decl(sudo_unsetenv, SUDO_DEBUG_ENV)
+ sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_unsetenv: %s", name);
+
rval = sudo_unsetenv_nodebug(name);
debug_return_int(rval);
char *val;
debug_decl(sudo_getenv, SUDO_DEBUG_ENV)
+ sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_getenv: %s", name);
+
val = sudo_getenv_nodebug(name);
debug_return_str(val);
delete_it = matches_env_delete(var);
if (!delete_it)
delete_it = matches_env_check(var) == false;
+
+ sudo_debug_printf(SUDO_DEBUG_INFO, "delete %s: %s",
+ var, delete_it ? "YES" : "NO");
debug_return_bool(delete_it);
}
if (keepit == -1)
keepit = matches_env_keep(var);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "keep %s: %s",
+ var, keepit ? "YES" : "NO");
debug_return_bool(keepit == true);
}
rebuild_env(void)
{
char **old_envp, **ep, *cp, *ps1;
- char idbuf[MAX_UID_T_LEN];
+ char idbuf[MAX_UID_T_LEN + 1];
unsigned int didvar;
bool reset_home = false;
} else {
if (!ISSET(didvar, DID_SHELL))
sudo_setenv2("SHELL", sudo_user.pw->pw_shell, false, true);
- if (!ISSET(didvar, DID_LOGNAME))
- sudo_setenv2("LOGNAME", user_name, false, true);
- if (!ISSET(didvar, DID_USER))
- sudo_setenv2("USER", user_name, false, true);
- if (!ISSET(didvar, DID_USERNAME))
- sudo_setenv2("USERNAME", user_name, false, true);
+ /* We will set LOGNAME later in the !def_set_logname case. */
+ if (!def_set_logname) {
+ if (!ISSET(didvar, DID_LOGNAME))
+ sudo_setenv2("LOGNAME", user_name, false, true);
+ if (!ISSET(didvar, DID_USER))
+ sudo_setenv2("USER", user_name, false, true);
+ if (!ISSET(didvar, DID_USERNAME))
+ sudo_setenv2("USERNAME", user_name, false, true);
+ }
}
/* If we didn't keep HOME, reset it based on target user. */
/*
* Set $USER, $LOGNAME and $USERNAME to target if "set_logname" is not
* disabled. We skip this if we are running a login shell (because
- * they have already been set them) or sudoedit (because we want the
- * editor to find the user's startup files).
+ * they have already been set) or sudoedit (because we want the editor
+ * to find the invoking user's startup files).
*/
if (def_set_logname && !ISSET(sudo_mode, MODE_LOGIN_SHELL|MODE_EDIT)) {
if (!ISSET(didvar, KEPT_LOGNAME))