opendoas

my fork of doas with custom prompt
git clone git://git.kocotian.pl/opendoas.git
Log | Files | Refs | README | LICENSE

commit 2d7431ca9ec0b3204a5e9fd01d0fffd946c4d430
parent e8e8713b26723d2daf3de50b51d2ac209ad65716
Author: millert <millert>
Date:   Wed, 27 Jan 2021 17:02:50 +0000

Promote nrules/maxrules to size_t and make sure they can't overflow. reallocarray(3) will fail if nmemb * size would overflow. OK tb@ martijn@

Diffstat:
Mdoas.c | 2+-
Mdoas.h | 2+-
Mparse.y | 16++++++++--------
3 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/doas.c b/doas.c @@ -139,7 +139,7 @@ static int permit(uid_t uid, gid_t *groups, int ngroups, const struct rule **lastr, uid_t target, const char *cmd, const char **cmdargs) { - int i; + size_t i; *lastr = NULL; for (i = 0; i < nrules; i++) { diff --git a/doas.h b/doas.h @@ -26,7 +26,7 @@ struct rule { }; extern struct rule **rules; -extern int nrules; +extern size_t nrules; extern int parse_errors; extern const char *formerpath; diff --git a/parse.y b/parse.y @@ -52,8 +52,8 @@ typedef struct { FILE *yyfp; struct rule **rules; -int nrules; -static int maxrules; +size_t nrules; +static size_t maxrules; int parse_errors = 0; @@ -100,12 +100,12 @@ rule: action ident target cmd { r->cmdargs = $4.cmdargs; if (nrules == maxrules) { if (maxrules == 0) - maxrules = 63; - else - maxrules *= 2; - if (!(rules = reallocarray(rules, maxrules, - sizeof(*rules)))) + maxrules = 32; + rules = reallocarray(rules, maxrules, + 2 * sizeof(*rules)); + if (!rules) errx(1, "can't allocate rules"); + maxrules *= 2; } rules[nrules++] = r; } ; @@ -228,6 +228,7 @@ yylex(void) { char buf[1024], *ebuf, *p, *str; int c, quotes = 0, escape = 0, qpos = -1, nonkw = 0; + size_t i; p = buf; ebuf = buf + sizeof(buf); @@ -334,7 +335,6 @@ eow: goto repeat; } if (!nonkw) { - size_t i; for (i = 0; i < sizeof(keywords) / sizeof(keywords[0]); i++) { if (strcmp(buf, keywords[i].word) == 0) return keywords[i].token;