cvtsudoers generates invalid JSON when aliases do not resolve

Bug Description

When parsing a sudoers containing an alias that does not resolve, cvtsudoers will generate invalid JSON output.

With the reduced test case below:

User_Alias  CLI_USER = cli
Defaults:CLI_USR    !lecture

The following JSON output is generated:

cvtsudoers -f json --expand-aliases /tmp/crash.sudoers
{
    "Defaults": [
        {
            "Binding": [
            ] <----- missing comma here
            "Options": [
                { "lecture": false }
            ]
        }
    ]
}

I took some traces and this is the behavior with an alias that resolves:

   120 ms     | sudo_json_open_array_v1()
   120 ms     |    | json_new_line()
   120 ms     |    | json_append_string()
   120 ms     |    |    | json_append_buf()
   120 ms     |    |    | json_append_buf()
   120 ms     |    |    | json_append_buf()
   120 ms     |    |    | json_append_buf()
   120 ms     |    |    | json_append_buf()
   120 ms     |    |    | json_append_buf()
   120 ms     |    |    | json_append_buf()
   120 ms     |    |    | json_append_buf()
   120 ms     |    |    | json_append_buf()
   120 ms     |    | json_append_buf()
   120 ms     | print_member_json_int()
   120 ms     | sudo_json_close_array_v1()
   120 ms     |    | json_new_line()
   120 ms     |    | json_append_buf()
   120 ms     | sudo_json_open_array_v1()

and the behavior with an alias that does not resolve:

    97 ms     | sudo_json_open_array_v1()
    97 ms     |    | json_new_line()
    97 ms     |    | json_append_string()
    97 ms     |    |    | json_append_buf()
    97 ms     |    |    | json_append_buf()
    98 ms     |    |    | json_append_buf()
    98 ms     |    |    | json_append_buf()
    98 ms     |    |    | json_append_buf()
    98 ms     |    |    | json_append_buf()
    98 ms     |    |    | json_append_buf()
    98 ms     |    |    | json_append_buf()
    98 ms     |    |    | json_append_buf()
    98 ms     |    | json_append_buf()
    98 ms     | print_member_json_int()
    98 ms     |    | print_member_json_int()
    98 ms     |    |    | sudo_json_add_value_as_object_v1()
    98 ms     |    |    |    | sudo_json_add_value_int()
    98 ms     |    |    |    |    | json_new_line()
    98 ms     |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    | json_append_string()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    | json_append_string()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    |    | json_append_buf()
    98 ms     |    |    |    |    | json_append_buf()
    98 ms     | sudo_json_close_array_v1()
    98 ms     |    | json_new_line()
    98 ms     |    | json_append_buf()
    98 ms     | sudo_json_open_array_v1()

Affected Software Version

cvtsudoers version 1.9.9
cvtsudoers grammar version 48

And also tested with the latest commit as of now (648ce410f).

Background Information

We're scanning large amounts of sudoers files from a firmware corpus. We noticed that behavior when looking into --expand-alias.

sudo-project / sudo

cvtsudoers generates invalid JSON when aliases do not resolve #381

Bug Description

Affected Software Version

Background Information