isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Limit regular expressions to 1024 characters each.

Browse Source 
Avoids a problem with the fuzzer creating large regular expressions
that blow up the glibc regcomp().
This commit is contained in:
Todd C. Miller
2022-02-12 09:33:02 -07:00
parent 63b2a62f8a
commit 33f54c853b
6 changed files with 26 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/sudo_logsrvd.conf.man.in
View File

@@ -16,7 +16,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" .\"
.TH "SUDO_LOGSRVD.CONF" "@mansectform@" "February 11, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .TH "SUDO_LOGSRVD.CONF" "@mansectform@" "February 12, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
.nh .nh
.if n .ad l .if n .ad l
.SH "NAME" .SH "NAME"
@@ -647,6 +647,7 @@ it will be matched in a case-insensitive manner.
Multiple Multiple
\fIpassprompt_regex\fR \fIpassprompt_regex\fR
settings may be specified. settings may be specified.
Each regular expression is limited to 1024 characters.
The default value is The default value is
\(lq[Pp]assword[: ]*\(rq. \(lq[Pp]assword[: ]*\(rq.
.SS "eventlog" .SS "eventlog"

3
docs/sudo_logsrvd.conf.mdoc.in
View File

@@ -15,7 +15,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" .\"
.Dd February 11, 2022 .Dd February 12, 2022
.Dt SUDO_LOGSRVD.CONF @mansectform@ .Dt SUDO_LOGSRVD.CONF @mansectform@
.Os Sudo @PACKAGE_VERSION@ .Os Sudo @PACKAGE_VERSION@
.Sh NAME .Sh NAME
@@ -577,6 +577,7 @@ it will be matched in a case-insensitive manner.
Multiple Multiple
.Em passprompt_regex .Em passprompt_regex
settings may be specified. settings may be specified.
Each regular expression is limited to 1024 characters.
The default value is The default value is
.Dq [Pp]assword[: ]* . .Dq [Pp]assword[: ]* .
.El .El

6
docs/sudoers.man.in
View File

@@ -25,7 +25,7 @@
.nr BA @BAMAN@ .nr BA @BAMAN@
.nr LC @LCMAN@ .nr LC @LCMAN@
.nr PS @PSMAN@ .nr PS @PSMAN@
.TH "SUDOERS" "@mansectform@" "February 11, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .TH "SUDOERS" "@mansectform@" "February 12, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
.nh .nh
.if n .ad l .if n .ad l
.SH "NAME" .SH "NAME"
@@ -2170,6 +2170,9 @@ even possible to use wildcards for the path name and regular
expressions for the arguments. expressions for the arguments.
It is not possible to use a single regular expression to match It is not possible to use a single regular expression to match
both the command and its arguments. both the command and its arguments.
Regular expressions in
\fIsudoers\fR
are limited to 1024 characters.
.PP .PP
There is no need to escape There is no need to escape
\fIsudoers\fR \fIsudoers\fR
@@ -5427,6 +5430,7 @@ match password prompts in the terminal output.
As an extension, if the regular expression begins with As an extension, if the regular expression begins with
\(lq(?i)\(rq, \(lq(?i)\(rq,
it will be matched in a case-insensitive manner. it will be matched in a case-insensitive manner.
Each regular expression is limited to 1024 characters.
This option is only used when This option is only used when
\fIlog_passwords\fR \fIlog_passwords\fR
has been disabled. has been disabled.

6
docs/sudoers.mdoc.in
View File

@@ -24,7 +24,7 @@
.nr BA @BAMAN@ .nr BA @BAMAN@
.nr LC @LCMAN@ .nr LC @LCMAN@
.nr PS @PSMAN@ .nr PS @PSMAN@
.Dd February 11, 2022 .Dd February 12, 2022
.Dt SUDOERS @mansectform@ .Dt SUDOERS @mansectform@
.Os Sudo @PACKAGE_VERSION@ .Os Sudo @PACKAGE_VERSION@
.Sh NAME .Sh NAME
@@ -2048,6 +2048,9 @@ even possible to use wildcards for the path name and regular
expressions for the arguments. expressions for the arguments.
It is not possible to use a single regular expression to match It is not possible to use a single regular expression to match
both the command and its arguments. both the command and its arguments.
Regular expressions in
.Em sudoers
are limited to 1024 characters.
.Pp .Pp
There is no need to escape There is no need to escape
.Em sudoers .Em sudoers
@@ -5065,6 +5068,7 @@ match password prompts in the terminal output.
As an extension, if the regular expression begins with As an extension, if the regular expression begins with
.Dq (?i) , .Dq (?i) ,
it will be matched in a case-insensitive manner. it will be matched in a case-insensitive manner.
Each regular expression is limited to 1024 characters.
This option is only used when This option is only used when
.Em log_passwords .Em log_passwords
has been disabled. has been disabled.

6
lib/util/regex.c
View File

@@ -98,6 +98,12 @@ sudo_regex_compile_v1(void *v, const char *pattern, const char **errstr)
/* Some callers just want to check the validity of the pattern. */ /* Some callers just want to check the validity of the pattern. */
preg = v ? v : &rebuf; preg = v ? v : &rebuf;
/* Limit the length of regular expressions to avoid fuzzer issues. */
if (strlen(pattern) > 1024) {
*errstr = N_("regular expression too large");
debug_return_bool(false);
}
/* Check for (?i) to enable case-insensitive matching. */ /* Check for (?i) to enable case-insensitive matching. */
cp = pattern[0] == '^' ? pattern + 1 : pattern; cp = pattern[0] == '^' ? pattern + 1 : pattern;
if (strncmp(cp, "(?i)", 4) == 0) { if (strncmp(cp, "(?i)", 4) == 0) {

8
po/sudo.pot
View File

@@ -7,7 +7,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: sudo 1.9.10\n" "Project-Id-Version: sudo 1.9.10\n"
"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n" "Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
"POT-Creation-Date: 2022-02-11 18:33-0700\n" "POT-Creation-Date: 2022-02-12 09:31-0700\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -67,7 +67,7 @@ msgid "%s: %s"
msgstr "" msgstr ""
#: lib/util/aix.c:272 lib/util/gidlist.c:66 lib/util/json.c:55 #: lib/util/aix.c:272 lib/util/gidlist.c:66 lib/util/json.c:55
#: lib/util/json.c:184 lib/util/regex.c:107 lib/util/regex.c:115 #: lib/util/json.c:184 lib/util/regex.c:113 lib/util/regex.c:121
#: lib/util/sudo_conf.c:219 lib/util/sudo_conf.c:304 lib/util/sudo_conf.c:381 #: lib/util/sudo_conf.c:219 lib/util/sudo_conf.c:304 lib/util/sudo_conf.c:381
#: lib/util/sudo_conf.c:665 src/conversation.c:81 src/exec_intercept.c:100 #: lib/util/sudo_conf.c:665 src/conversation.c:81 src/exec_intercept.c:100
#: src/exec_intercept.c:330 src/exec_intercept.c:354 src/exec_intercept.c:377 #: src/exec_intercept.c:330 src/exec_intercept.c:354 src/exec_intercept.c:377
@@ -129,6 +129,10 @@ msgstr ""
msgid "unable to mkdir %.*s" msgid "unable to mkdir %.*s"
msgstr "" msgstr ""
#: lib/util/regex.c:103
msgid "regular expression too large"
msgstr ""
#: lib/util/strsignal.c:50 #: lib/util/strsignal.c:50
msgid "Unknown signal" msgid "Unknown signal"
msgstr "" msgstr ""