isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,119 Commits 1 Branch 0 Tags
0010c9861343a23fa1dbbe06872577cf3351747c
Commit Graph

12119 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
0010c98613 Pass the name to the config.cache file to the build script. 
If --cache-file is not specified, no config.cache file will be used.
Add an "omit_artifacts" setting for platforms where we don't publish
artifacts.
 2023-01-20 10:30:19 -07:00
Todd C. Miller
ee2f2287a6 check_pattern: accept a backslash before the numeric bound like glibc. 
This helps avoid out-of-memory conditions when fuzzing on Linux.
 2023-01-19 19:50:09 -07:00
Todd C. Miller
7a64275a3d Don't use -Wl,--no-undefined with the sanitizers/fuzzers. 
It breaks linking when using -fsanitize with clang at least.
 2023-01-19 19:40:35 -07:00
Todd C. Miller
c6cc680069 Add a link to the sudo security advisories archive. 2023-01-19 15:20:38 -07:00
Todd C. Miller
f7265f5de2 Eliminate usage of obsolete 2-argument AC_CHECK_TYPE macro. 2023-01-19 13:59:05 -07:00
Todd C. Miller
9ddae66818 Add support for the struct kinfo_proc on Dragonfly BSD. 2023-01-19 13:22:32 -07:00
Todd C. Miller
d409ba67c6 Elminate the $OS variable, we can just use $host_os instead. 2023-01-19 13:22:31 -07:00
Todd C. Miller
cb56fd2edb Need to link sudo and sudoers with -lutil on Dragonfly BSD. 
It is safer to just search for setusercontext() in libc and libutil
instead of matching on the operating system.
 2023-01-19 13:22:31 -07:00
Todd C. Miller
83b4cee98a Add -Wl,--no-undefined to LDFLAGS if it is supported. 
This will find missing symbols at build-time instead of run-time.
Don't use it on FreeBSD where environ is filled in by the dynamic loader.
We also need to pull in -llber with -lldap where possible (instead
of relying on DT_NEEDED) to avoid undefined symbol errors when
building with LDAP support.
 2023-01-19 07:47:10 -07:00
Todd C. Miller
1e0bb704c2 Restore the line that set errno to ENOENT when find_path() fails. 
This was inadvertently removed when the "goto bad" was added.
 2023-01-19 10:08:38 -07:00
Todd C. Miller
e3583e01b8 The sample plugin is now built by default to avoid bit rot. 
GitHub issue #234.
 2023-01-19 07:38:51 -07:00
Todd C. Miller
4f9da47e55 The change from sudo_printf -> sudo_plugin_printf was incomplete. 
Fixes GitHub issue #234.
 2023-01-19 07:38:29 -07:00
Todd C. Miller
544c978217 Solaris: use lt_prog_compiler_pic instead of assuming -KPIC 2023-01-18 16:05:52 -07:00
Todd C. Miller
e72d75d38e Solaris: the aslr, nxheap and nxstack link options are only for executables. 
Move them back to PIE_LDFLAGS, which is only used when linking a binary.
 2023-01-18 15:38:31 -07:00
Todd C. Miller
7d4666656e Solaris: move aslr linker option to hardening and try to build real PIEs 
These flags are specific to the Solaris linker.
 2023-01-18 15:14:55 -07:00
Todd C. Miller
b44ad49bf7 Enable non-executable heap and stack options for Solaris ld. 2023-01-18 14:54:20 -07:00
Todd C. Miller
73c52e731a Limit some of the hardening tests to compilers that define __GNUC__. 
This should avoid false positives on other compilers.
 2023-01-18 14:39:52 -07:00
Todd C. Miller
7ff70c09fe Update expected plugin version. 2023-01-18 13:53:33 -07:00
Todd C. Miller
0865e61d9e Pass back the number of files to edit when using sudoedit. 
The sudo front-end can use this to determine where the list of files
to edit begins.
 2023-01-18 13:38:15 -07:00
Todd C. Miller
334daf92b3 Escape control characters in log messages and "sudoreplay -l" output. 
The log message contains user-controlled strings that could include
things like terminal control characters.  Space characters in the
command path are now also escaped.

Command line arguments that contain spaces are surrounded with
single quotes and any literal single quote or backslash characters
are escaped with a backslash.  This makes it possible to distinguish
multiple command line arguments from a single argument that contains
spaces.

Issue found by Matthieu Barjole and Victor Cutillas of Synacktiv
(https://synacktiv.com).
 2023-01-18 08:21:34 -07:00
Todd C. Miller
77557f8f19 Merge in sudo 1.9.12p2 changes. 2023-01-18 08:21:25 -07:00
Todd C. Miller
0274a4f3b4 sudoedit: do not permit editor arguments to include "--" (CVE-2023-22809) 
We use "--" to separate the editor and arguments from the files to edit.
If the editor arguments include "--", sudo can be tricked into allowing
the user to edit a file not permitted by the security policy.
Thanks to Matthieu Barjole and Victor Cutillas of Synacktiv
(https://synacktiv.com) for finding this bug.
 2023-01-12 15:55:27 -07:00
Todd C. Miller
a960d2c45f Add back the linker check for -fstack-clash-protection. 
This is expected to fix GitHub issue #231.
 2023-01-17 16:19:29 -07:00
Todd C. Miller
3726e38394 Stop using 8n width in tagged lists. 
Use either 4n, when the body is expected to wrap or the width of
the longest tag when no wrapping is expected.
 2023-01-16 08:53:35 -07:00
Todd C. Miller
0814749132 Use -width Ds for the options list, not -width Fl. 2023-01-16 08:29:39 -07:00
Todd C. Miller
a7e8a20d0d Reduce the offset of bullet lists to 1n. 2023-01-16 08:15:46 -07:00
Todd C. Miller
1eae385af1 Shorten --with-passprompt and --with-mailsubject arguments to a single word. 
The script that generates the web version of this file doesn't
expect options to include whitespace.
 2023-01-16 07:51:47 -07:00
Todd C. Miller
f0665166bd Shorten --with-badpass-message argument to a single word. 
The fix_install script can't deal with whitespace in options.
 2023-01-15 17:53:09 -07:00
Todd C. Miller
e5634ae991 Make numbered lists more markdown-friendly. 
Also add line breaks when there are multiple authors.
 2023-01-15 16:48:38 -07:00
Todd C. Miller
49ad30efa3 Make lists of directories more markdown-friendly. 2023-01-15 16:34:06 -07:00
Todd C. Miller
6725c37e3c Check for errors when removing the temp directory. 
If we cannot remove the directory tree that may indicate a file or
directory mode problem.
 2023-01-12 19:20:17 -07:00
Todd C. Miller
8d7feb76ed iolog_mkdtemp: fix pasto in last commit 
Set mode to iolog_dirmode, not iolog_filemode
 2023-01-12 19:15:22 -07:00
Todd C. Miller
0b2f9cbe7c In SHA256Pad and SHA512Pad use 511 and 1023 respectively for bitwise AND. 
Previously we were using 504 and 1016 which still produces the
correct result since padding is done in 8-bit bytes.  However, using
size-1 for the bitwise AND makes the intent clearer and likely would
have prevented the previous bug in SHA512Pad.
From Matthieu Barjole and Victor Cutillas of Synacktiv (https://synacktiv.com)
 2023-01-09 14:37:47 -07:00
Todd C. Miller
3878ce8d49 env_file_next_local: change the order of the val_len check. 
It makes more sense to verify that val_len > 1 before using it.
This is not a problem in practice because val[val_len - 1] is
guaranteed not to underflow but it can confuse reviewers and static
analyzers.
 2023-01-09 14:26:07 -07:00
Todd C. Miller
d781ab0a89 Fix typo in check for environment variables that start with '='. 2023-01-09 14:23:50 -07:00
Todd C. Miller
1b7604e5cb sudo_lbuf_print: no longer need to check for lbuf->len > 0. 
Now that lbuf length is unsigned the earlier check for len == 0 is
sufficient.
 2023-01-09 14:16:59 -07:00
Todd C. Miller
ca297658dd Increase minimum allocation size from 256 to 1024 bytes. 2023-01-09 14:15:23 -07:00
Todd C. Miller
1f58e5a8e0 Fix IS_IDLOG macro, it was testing the wrong byte for the NUL. 
This causes the macro to evaluate to false even for valid TSIDs.
 2023-01-09 13:03:55 -07:00
Todd C. Miller
8309fbb970 sudoers_trace_print: this is a no-op if not debugging 2023-01-04 10:44:58 -07:00
Todd C. Miller
532023f7b6 sudo_lbuf_expand: don't allocate less than 256 bytes at a time. 2023-01-04 10:36:09 -07:00
Todd C. Miller
dc9ef69021 sudo_lbuf_expand: round nearest power of two instead of multiple of 256. 2023-01-03 21:34:20 -07:00
Todd C. Miller
dd934d6a21 Update copyright year. 2023-01-03 20:04:35 -07:00
Todd C. Miller
13df52889f sudo_lbuf_expand: check for possible integer overflow 
The numeric fields in struct sudo_lbuf are now unsigned so that
wraparound is defined, this make the overflow checks simpler.
Problem deteced by oss-fuzz using the fuzz_sudoers fuzzer.
 2023-01-03 20:02:01 -07:00
Todd C. Miller
6b80ab74ea Decode \u00XX in a JSON string now that we escape control chars. 
We don't write Unicode to the log.json file, only 8-bit ASCII.
 2023-01-03 15:59:23 -07:00
Todd C. Miller
e5d98da014 Move hexchar() from the sudoers plugin to lib/util. 2023-01-03 15:50:42 -07:00
Todd C. Miller
0cb3835111 sudo_open_parent_dir: adjust loop terminating condition 
Checking for ep < pathend should be a bit clearer than ep != '\0'
and has the advantage of working when pathend doesn't point to a
NUL byte.  No intended change in behavior.
 2023-01-03 15:22:29 -07:00
Todd C. Miller
311d8e82df iolog_mkdtemp: fix failure when the specified path contains subdirectories. 
This fixes a bug introduced in sudo 1.9.12.
 2023-01-03 14:30:48 -07:00
Todd C. Miller
bfd7d586b5 check_iolog_mkpath: fix exit value 2023-01-03 14:02:23 -07:00
Todd C. Miller
6f94854673 Merge pull request #227 from sohomdatta1/integer_underflow 
Prevent integer underflow due to environment variable
 2023-01-02 08:41:22 -07:00
Sohom
761ffb3bfe Prevent integer underflow due to environment variable 
Gaurd against replacing quotes when the environment variable
val_len is 1.
 2023-01-02 11:47:52 +05:30