/src/sudo/plugins/sudoers/env_pattern.c

Source (jump to first uncovered line)
/*
 * SPDX-License-Identifier: ISC
 *
 * Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * This is an open source non-commercial project. Dear PVS-Studio, please check it.
 * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
 */

#include <config.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "sudoers.h"

/* extern for regress tests */
bool
matches_env_pattern(const char *pattern, const char *var, bool *full_match)
{
    size_t len, sep_pos;
    bool iswild = false, match = false;
    bool saw_sep = false;
    const char *cp;
    debug_decl(matches_env_pattern, SUDOERS_DEBUG_ENV);

    /* Locate position of the '=' separator in var=value. */
    sep_pos = strcspn(var, "=");

    /* Locate '*' wildcard and compute len. */
    for (cp = pattern; *cp != '\0'; cp++) {
  if (*cp == '*') {
      iswild = true;
      break;
  }
    }
    len = (size_t)(cp - pattern);

    if (iswild) {
  /* Match up to the '*' wildcard. */
  if (strncmp(pattern, var, len) == 0) {
      while (*cp != '\0') {
    if (*cp == '*') {
        /* Collapse sequential '*'s */
        do {
      cp++;
        } while (*cp == '*');
        /* A '*' at the end of a pattern matches anything. */
        if (*cp == '\0') {
      match = true;
      break;
        }
        /* Keep track of whether we matched an equal sign. */
        if (*cp == '=')
      saw_sep = true;
        /* Look for first match of text after the '*' */
        while ((saw_sep || len != sep_pos) &&
      var[len] != '\0' && var[len] != *cp)
      len++;
    }
    if (var[len] != *cp)
        break;
    cp++;
    len++;
      }
      if (*cp == '\0' && (len == sep_pos || var[len] == '\0'))
    match = true;
  }
    } else {
  if (strncmp(pattern, var, len) == 0 &&
      (len == sep_pos || var[len] == '\0')) {
      match = true;
  }
    }
    if (match)
  *full_match = len > sep_pos + 1;
    debug_return_bool(match);
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* SPDX-License-Identifier: ISC
3		*
4		* Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
5		*
6		* Permission to use, copy, modify, and distribute this software for any
7		* purpose with or without fee is hereby granted, provided that the above
8		* copyright notice and this permission notice appear in all copies.
9		*
10		* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11		* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12		* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13		* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14		* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15		* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16		* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17		*/
18
19		/*
20		* This is an open source non-commercial project. Dear PVS-Studio, please check it.
21		* PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
22		*/
23
24		#include <config.h>
25
26		#include <stdio.h>
27		#include <stdlib.h>
28		#include <string.h>
29
30		#include "sudoers.h"
31
32		/* extern for regress tests */
33		bool
34		matches_env_pattern(const char pattern, const char var, bool *full_match)
35	10.9M	{
36	10.9M	size_t len, sep_pos;
37	10.9M	bool iswild = false, match = false;
38	10.9M	bool saw_sep = false;
39	10.9M	const char *cp;
40	10.9M	debug_decl(matches_env_pattern, SUDOERS_DEBUG_ENV);
41
42		/* Locate position of the '=' separator in var=value. */
43	10.9M	sep_pos = strcspn(var, "=");
44
45		/* Locate '' wildcard and compute len. /
46	90.5M	for (cp = pattern; *cp != '\0'; cp++) {
47	80.2M	if (cp == '') {
48	681k	iswild = true;
49	681k	break;
50	681k	}
51	80.2M	}
52	10.9M	len = (size_t)(cp - pattern);
53
54	10.9M	if (iswild) {
55		/* Match up to the '' wildcard. /
56	681k	if (strncmp(pattern, var, len) == 0) {
57	77.0k	while (*cp != '\0') {
58	77.0k	if (cp == '') {
59		/* Collapse sequential ''s /
60	48.8k	do {
61	48.8k	cp++;
62	48.8k	} while (cp == '');
63		/* A '' at the end of a pattern matches anything. /
64	48.8k	if (*cp == '\0') {
65	20.6k	match = true;
66	20.6k	break;
67	20.6k	}
68		/* Keep track of whether we matched an equal sign. */
69	28.2k	if (*cp == '=')
70	28.2k	saw_sep = true;
71		/* Look for first match of text after the '' /
72	328k	while ((saw_sep \|\| len != sep_pos) &&
73	328k	var[len] != '\0' && var[len] != *cp)
74	299k	len++;
75	28.2k	}
76	56.4k	if (var[len] != *cp)
77	28.2k	break;
78	28.1k	cp++;
79	28.1k	len++;
80	28.1k	}
81	48.8k	if (*cp == '\0' && (len == sep_pos \|\| var[len] == '\0'))
82	1.19k	match = true;
83	48.8k	}
84	10.3M	} else {
85	10.3M	if (strncmp(pattern, var, len) == 0 &&
86	10.3M	(len == sep_pos \|\| var[len] == '\0')) {
87	71.2k	match = true;
88	71.2k	}
89	10.3M	}
90	10.9M	if (match)
91	91.8k	*full_match = len > sep_pos + 1;
92	10.9M	debug_return_bool(match);
93	10.9M	}

Coverage Report

Created: 2023-06-07 06:46