119 Commits

Author SHA1 Message Date
Todd C. Miller
00452471b1 Add check for sysconf(_SC_PAGESIZE) failure. 2024-01-01 11:03:01 -07:00
Todd C. Miller
cf9fc5317e strlcpy_expand_host, sudo_getdelim, sudo_realpath: add restrict qualifier 2023-10-17 10:47:43 -06:00
Rose
e095069d2a Prefer fputs over fprintf where possible
fprintf does extra work and meant for formatting strings.
2023-10-15 10:28:57 -06:00
Rose
a4cbd7fe7b Swap calloc arguments to use them properly. 2023-10-15 10:19:58 -06:00
Todd C. Miller
e343e07543 Use #include <foo.h> instead of #include "foo.h" in most cases.
We rely on the include path to find many of these headers.  It
especially doesn't make sense to use #include "foo.h" for headers
in the top-level include directory.
2023-09-25 10:13:28 -06:00
Todd C. Miller
5f2a0a70e5 Fix printf format string mismatch now that 'i' is size_t. 2023-08-07 11:31:04 -06:00
Todd C. Miller
77f94f291a sudo_digest_getlen: return size_t, and 0 on error instead of -1
This is an API change, sudo_digest_getlen_v1 remains for binary
compatibility.
2023-08-07 08:43:13 -06:00
Todd C. Miller
5768d374cc libsudo_util: silence most -Wconversion warnings. 2023-07-07 15:07:04 -06:00
Todd C. Miller
bced0a7786 Make the remaining instances of digest_type unsigned. 2023-07-06 08:01:15 -06:00
Rose
45fdfa18f1 Mark functions not returning as sudo_noreturn
We also put NOTREACHED where it applies.
2023-07-01 17:40:16 -04:00
Rose
22079c3072 Avoid compiler casting warnings Part 2
This saves instructions that are related to casting as well as compiler warnings.
2023-06-29 13:10:27 -04:00
Todd C. Miller
dea110a848 Add tests for SHA2 digest support.
This uses the NIST byte-oriented short message test vectors.
2023-03-07 12:45:13 -07:00
Todd C. Miller
e11bb93e26 Add tests for escaped digits. 2023-01-23 08:48:21 -07:00
Todd C. Miller
e5d98da014 Move hexchar() from the sudoers plugin to lib/util. 2023-01-03 15:50:42 -07:00
Todd C. Miller
91d7592e8a Use initprogname(), not setprogname() in the fuzzers.
This results in better coverage for progname.c.
2022-12-29 15:52:21 -07:00
Todd C. Miller
206155e603 Add probe_interfaces and intercept_path. 2022-12-29 15:44:54 -07:00
Todd C. Miller
bd98868518 Exercise getter functions. 2022-12-29 15:44:33 -07:00
Todd C. Miller
ee5b43280b Check for bound values larger than 255 and reject them.
This is to prevent the fuzzers from running out of memory.
2022-12-27 13:22:29 -07:00
Todd C. Miller
50958a05da Remove developer mode from sudo.conf, it is no longer used. 2022-12-26 07:43:55 -07:00
Todd C. Miller
d7b3673933 Add missing sudo_json_free(). 2022-12-17 16:37:29 -07:00
Todd C. Miller
0614c1f626 check_pattern: check bounds as a repetition operator too.
Add regess to verify check_pattern() via sudo_regex_compile().
2022-12-17 15:09:30 -07:00
Todd C. Miller
797cc917a8 Add basic regress for JSON functions.
Fix a bug in escaped control character handling.
Roll back changes to buffer if sudo_json_add_value() fails.
2022-12-15 19:49:11 -07:00
Todd C. Miller
a04557c3d4 Fix memory leak in multiarch_test to quiet leak sanitizer. 2022-12-11 13:46:04 -07:00
Todd C. Miller
7e20e4b80f Apply multiarch rules when loading plugins too. 2022-10-06 12:46:38 -06:00
Todd C. Miller
b37bf44cdd Add test for sudo open_parent_dir() 2022-10-05 12:36:14 -06:00
Todd C. Miller
f6e4d2765a Add explicit include of unistd.h for getopt(3) and related variables. 2022-07-05 11:35:25 -06:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
f5ac1317c4 Make sudo pass -Wmissing-prototypes 2022-06-27 12:48:03 -06:00
Todd C. Miller
51b64780c0 Plug a memory leak. 2022-06-01 15:24:28 -06:00
Todd C. Miller
b2a32f95ee getdelim_test: increase longstr to check end pointer after realloc
This would have caught the recent bug in our getdelim replacement
when run under address-sanitizer or valgrind.
2022-03-11 09:03:55 -07:00
Todd C. Miller
31ab2e2297 Plug a few test memory leaks now that they return from main(). 2022-03-08 13:34:38 -07:00
Todd C. Miller
43cc80d795 Add -v option parsing to regress tests, currently a no-op.
This will be used by a "check-verbose" target in the future.
2022-03-02 11:09:51 -07:00
Todd C. Miller
75a0e51590 Add sudo_closefrom() regression test. 2022-03-01 11:31:19 -07:00
Todd C. Miller
c2bd52edf8 Allow test harness to be run from any directory.
Also add missing copyright notice.
2022-02-28 19:39:33 -07:00
Todd C. Miller
a4f847b1d6 Adapt test harness for lib/util and move to regress directory. 2022-02-28 19:23:41 -07:00
Todd C. Miller
41bc52302b Do not disable fuzzer output if SUDO_FUZZ_VERBOSE env variable is set. 2022-02-22 12:04:10 -07:00
Larkin Nickle
07bdfeedb8 Define MAP_FAILED where relevant if undefined
On systems such as HP-UX 10.20, MAP_FAILED is not
defined.
2021-10-21 19:16:28 -04:00
Todd C. Miller
eefb7b0d54 Use a consistent version of fuzz_conversation() with all fuzzers.
Also undo a change to fuzz_sudoers.c that snuck in to the last commit.
2021-09-28 20:20:28 -06:00
Todd C. Miller
7d964875df Fuzzers should not produce output.
Excessive output makes the fuzzer runs much less efficient.
2021-09-28 18:53:49 -06:00
Todd C. Miller
4bff82cab4 Fix random uuid generation, no need to convert between byte order.
Also add regression test.
2021-08-31 19:53:28 -06:00
Todd C. Miller
cc3b4ffb04 Remove vsyslog(3) emulation, it is no longer used. 2021-06-14 13:11:39 -06:00
Todd C. Miller
dfaa9b95f1 Add getgids utility to simular "id -G" using sudo_getgrouplist2() 2021-06-07 14:18:09 -06:00
Todd C. Miller
468e9c7f48 Awful hack to pass on macOS where group_source=dynamic by default. 2021-05-04 13:58:29 -06:00
Todd C. Miller
ac878d3e27 Quiet clang analyzer false positive in regress tests. 2021-04-27 15:56:24 -06:00
Todd C. Miller
6eff3b313b Move corpus files to a seed subdirectory. 2021-03-18 15:28:29 -06:00
Todd C. Miller
95bfd65fec Flush stdout before successful return from LLVMFuzzerTestOneInput().
Fixes a problem with diag lines from libFuzzer being interspersed
with test output.
2021-03-18 13:08:30 -06:00
Todd C. Miller
a3f38fac0c Set program name in fuzzers so we get consisten warnings. 2021-02-24 15:14:58 -07:00
Todd C. Miller
03e610dab5 Strings in dictionary files need to be quoted. 2021-02-23 12:38:02 -07:00
Todd C. Miller
081e219e23 Add dictionary files for fuzzers where possible. 2021-02-23 11:28:47 -07:00
Todd C. Miller
a7e2dd15e1 Test the error case by closing the underlying fd.
Note that we don't use ferror() here since our getdelim() has no
way to set the error flag if there is a memory allocation error.
2021-02-18 13:15:35 -07:00