isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use a consistent version of fuzz_conversation() with all fuzzers.

Browse Source 
Also undo a change to fuzz_sudoers.c that snuck in to the last commit.
This commit is contained in:
Todd C. Miller
2021-09-28 20:20:28 -06:00
parent 7d964875df
commit eefb7b0d54
8 changed files with 143 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
lib/iolog/regress/fuzz/fuzz_iolog_json.c
View File

@@ -66,6 +66,25 @@ static int
fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[],
struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) struct sudo_conv_reply replies[], struct sudo_conv_callback *callback)
{ {
int n;
for (n = 0; n < num_msgs; n++) {
const struct sudo_conv_message *msg = &msgs[n];
switch (msg->msg_type & 0xff) {
case SUDO_CONV_PROMPT_ECHO_ON:
case SUDO_CONV_PROMPT_MASK:
case SUDO_CONV_PROMPT_ECHO_OFF:
/* input not supported */
return -1;
case SUDO_CONV_ERROR_MSG:
case SUDO_CONV_INFO_MSG:
/* no output for fuzzers */
break;
default:
return -1;
}
}
return 0; return 0;
} }

19
lib/iolog/regress/fuzz/fuzz_iolog_legacy.c
View File

@@ -64,6 +64,25 @@ static int
fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[],
struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) struct sudo_conv_reply replies[], struct sudo_conv_callback *callback)
{ {
int n;
for (n = 0; n < num_msgs; n++) {
const struct sudo_conv_message *msg = &msgs[n];
switch (msg->msg_type & 0xff) {
case SUDO_CONV_PROMPT_ECHO_ON:
case SUDO_CONV_PROMPT_MASK:
case SUDO_CONV_PROMPT_ECHO_OFF:
/* input not supported */
return -1;
case SUDO_CONV_ERROR_MSG:
case SUDO_CONV_INFO_MSG:
/* no output for fuzzers */
break;
default:
return -1;
}
}
return 0; return 0;
} }

19
lib/iolog/regress/fuzz/fuzz_iolog_timing.c
View File

@@ -45,6 +45,25 @@ static int
fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[],
struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) struct sudo_conv_reply replies[], struct sudo_conv_callback *callback)
{ {
int n;
for (n = 0; n < num_msgs; n++) {
const struct sudo_conv_message *msg = &msgs[n];
switch (msg->msg_type & 0xff) {
case SUDO_CONV_PROMPT_ECHO_ON:
case SUDO_CONV_PROMPT_MASK:
case SUDO_CONV_PROMPT_ECHO_OFF:
/* input not supported */
return -1;
case SUDO_CONV_ERROR_MSG:
case SUDO_CONV_INFO_MSG:
/* no output for fuzzers */
break;
default:
return -1;
}
}
return 0; return 0;
} }

19
lib/util/regress/fuzz/fuzz_sudo_conf.c
View File

@@ -37,6 +37,25 @@ static int
fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[],
struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) struct sudo_conv_reply replies[], struct sudo_conv_callback *callback)
{ {
int n;
for (n = 0; n < num_msgs; n++) {
const struct sudo_conv_message *msg = &msgs[n];
switch (msg->msg_type & 0xff) {
case SUDO_CONV_PROMPT_ECHO_ON:
case SUDO_CONV_PROMPT_MASK:
case SUDO_CONV_PROMPT_ECHO_OFF:
/* input not supported */
return -1;
case SUDO_CONV_ERROR_MSG:
case SUDO_CONV_INFO_MSG:
/* no output for fuzzers */
break;
default:
return -1;
}
}
return 0; return 0;
} }

19
logsrvd/regress/fuzz/fuzz_logsrvd_conf.c
View File

@@ -47,6 +47,25 @@ static int
fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[],
struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) struct sudo_conv_reply replies[], struct sudo_conv_callback *callback)
{ {
int n;
for (n = 0; n < num_msgs; n++) {
const struct sudo_conv_message *msg = &msgs[n];
switch (msg->msg_type & 0xff) {
case SUDO_CONV_PROMPT_ECHO_ON:
case SUDO_CONV_PROMPT_MASK:
case SUDO_CONV_PROMPT_ECHO_OFF:
/* input not supported */
return -1;
case SUDO_CONV_ERROR_MSG:
case SUDO_CONV_INFO_MSG:
/* no output for fuzzers */
break;
default:
return -1;
}
}
return 0; return 0;
} }

19
plugins/sudoers/regress/fuzz/fuzz_policy.c
View File

@@ -133,6 +133,25 @@ static int
fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[],
struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) struct sudo_conv_reply replies[], struct sudo_conv_callback *callback)
{ {
int n;
for (n = 0; n < num_msgs; n++) {
const struct sudo_conv_message *msg = &msgs[n];
switch (msg->msg_type & 0xff) {
case SUDO_CONV_PROMPT_ECHO_ON:
case SUDO_CONV_PROMPT_MASK:
case SUDO_CONV_PROMPT_ECHO_OFF:
/* input not supported */
return -1;
case SUDO_CONV_ERROR_MSG:
case SUDO_CONV_INFO_MSG:
/* no output for fuzzers */
break;
default:
return -1;
}
}
return 0; return 0;
} }

16
plugins/sudoers/regress/fuzz/fuzz_sudoers.c
View File

@@ -69,7 +69,6 @@ fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[],
for (n = 0; n < num_msgs; n++) { for (n = 0; n < num_msgs; n++) {
const struct sudo_conv_message *msg = &msgs[n]; const struct sudo_conv_message *msg = &msgs[n];
FILE *fp = stdout;
switch (msg->msg_type & 0xff) { switch (msg->msg_type & 0xff) {
case SUDO_CONV_PROMPT_ECHO_ON: case SUDO_CONV_PROMPT_ECHO_ON:
@@ -78,18 +77,8 @@ fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[],
/* input not supported */ /* input not supported */
return -1; return -1;
case SUDO_CONV_ERROR_MSG: case SUDO_CONV_ERROR_MSG:
fp = stderr;
FALLTHROUGH;
case SUDO_CONV_INFO_MSG: case SUDO_CONV_INFO_MSG:
if (msg->msg != NULL) { /* no output for fuzzers */
size_t len = strlen(msg->msg);
if (len == 0)
break;
if (fwrite(msg->msg, 1, len, fp) == 0 || fputc('\n', fp) == EOF)
return -1;
}
break; break;
default: default:
return -1; return -1;
@@ -197,6 +186,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
setprogname("fuzz_sudoers"); setprogname("fuzz_sudoers");
sudoers_debug_register(getprogname(), NULL); sudoers_debug_register(getprogname(), NULL);
sudo_warn_set_conversation(fuzz_conversation);
/* Sudoers locale setup. */ /* Sudoers locale setup. */
sudoers_initlocale(setlocale(LC_ALL, ""), "C"); sudoers_initlocale(setlocale(LC_ALL, ""), "C");
@@ -352,11 +342,9 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
/* Match again as a pseudo-command (list, validate, etc). */ /* Match again as a pseudo-command (list, validate, etc). */
sudoers_lookup(&snl, sudo_user.pw, &cmnd_status, true); sudoers_lookup(&snl, sudo_user.pw, &cmnd_status, true);
#if 0
/* Display privileges. */ /* Display privileges. */
display_privs(&snl, sudo_user.pw, false); display_privs(&snl, sudo_user.pw, false);
display_privs(&snl, sudo_user.pw, true); display_privs(&snl, sudo_user.pw, true);
#endif
} }
/* Expand tildes in runcwd and runchroot. */ /* Expand tildes in runcwd and runchroot. */

27
plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c
View File

@@ -82,6 +82,32 @@ open_data(const uint8_t *data, size_t size)
#endif #endif
} }
static int
fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[],
struct sudo_conv_reply replies[], struct sudo_conv_callback *callback)
{
int n;
for (n = 0; n < num_msgs; n++) {
const struct sudo_conv_message *msg = &msgs[n];
switch (msg->msg_type & 0xff) {
case SUDO_CONV_PROMPT_ECHO_ON:
case SUDO_CONV_PROMPT_MASK:
case SUDO_CONV_PROMPT_ECHO_OFF:
/* input not supported */
return -1;
case SUDO_CONV_ERROR_MSG:
case SUDO_CONV_INFO_MSG:
/* no output for fuzzers */
break;
default:
return -1;
}
}
return 0;
}
int int
LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{ {
@@ -98,6 +124,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
setprogname("fuzz_sudoers_ldif"); setprogname("fuzz_sudoers_ldif");
sudoers_debug_register(getprogname(), NULL); sudoers_debug_register(getprogname(), NULL);
sudo_warn_set_conversation(fuzz_conversation);
/* Initialize defaults and parse LDIF-format sudoers. */ /* Initialize defaults and parse LDIF-format sudoers. */
init_defaults(); init_defaults();