Todd C. Miller
a2b0a8330c
Fix a few whitespace issues.
2022-07-09 11:21:17 -06:00
Todd C. Miller
3dc8497b48
Add additional PVS-studio suppression comments for generated code.
2022-07-08 10:53:00 -06:00
Todd C. Miller
13672f28df
Make sudo pass -Wwrite-strings
2022-06-28 16:33:15 -06:00
Todd C. Miller
f5ac1317c4
Make sudo pass -Wmissing-prototypes
2022-06-27 12:48:03 -06:00
Todd C. Miller
b497d74544
init_options: initialize apparmor_profile to NULL
2022-05-27 13:57:22 -06:00
Todd C. Miller
9bb288d10e
Regenerate files after merging AppArmor integration.
2022-05-27 08:30:34 -06:00
Todd C. Miller
8dae0ba06c
Fix off-by-one when storing line number in userspec.
...
We store the line number *after* parsing the newline so we need to
subtract one.
2022-03-10 20:05:40 -07:00
Todd C. Miller
d7ddff2a31
Add a hook for sudoers parse errors (including defaults and aliases).
...
The hook can be used to log parser errors (sudoers module) or keep
track of which files have an error (visudo).
Previously, we only kept track of a single parse error.
2022-03-10 13:30:56 -07:00
Todd C. Miller
7d3f9293c6
Preserve the column and error message when there is a syntax error.
...
This information is now included in the error mail sent to root.
2022-03-06 18:54:30 -07:00
Todd C. Miller
c8bf591042
Clear sudoers_errstr after it is used.
...
This way we avoid printing the same error message more than once
if there are multiple ERROR tokens returned from the lexer.
2022-02-10 16:09:44 -07:00
Todd C. Miller
4ffc3142c5
add_defaults: add defs == NULL check to quiet coverity false positive
2021-12-18 07:54:26 -07:00
Todd C. Miller
6a2c5043a9
add_defaults: defs can never be NULL
2021-12-17 16:04:33 -07:00
Todd C. Miller
e64a089aea
Add reference counting to Defaults bindings.
...
Previously, we checked that the previous entry's binding pointer
was not the same while freeing. However, to be able to merge
Defaults records we cannot rely on Defaults entries with the same
binding being immediately adjacent. This removes the prev_binding
checks in favor of a reference count which allows us to plug the
memory leak in cvtsudoers when merging Defaults.
2021-11-20 08:01:37 -07:00
Todd C. Miller
730ebabdba
init_parse_tree() now takes ownership of lhost and shost, if any.
...
This means that lhost and shost in struct sudoers_parse_tree
are no longer const and that free_parse_tree() will free lhost/shost.
The only consumer that passed in lhost/shost was the SSSD back-end
which has been updated to avoid a double-free.
2021-11-19 12:29:21 -07:00
Todd C. Miller
b1309f76db
Add sudoers_parse_tree_list, a tail queue of struct sudoers_parse_tree.
...
This will be used to store multiple parse trees and merge them
into a single sudoers_parse_tree.
2021-11-11 15:40:51 -07:00
Todd C. Miller
1831176a1a
Add the ability to filter/match by command via the -m option.
...
For example "cvtsudoers -m cmd=/bin/ls" would only display entries
that would allow /bin/ls to be allowed or denied.
2021-09-24 10:44:13 -06:00
Todd C. Miller
0ea561ca6a
Limit paths for command, cwd and chroot to PATH_MAX bytes.
...
This helps prevent the fuzzer from going off the rails.
2021-09-19 18:13:43 -06:00
Todd C. Miller
bf60451845
Remove conditional include of alloca.h, we don't define HAVE_ALLOCA_H.
...
The configure check for alloca() was removed long ago but this got
missed.
2021-09-03 16:03:48 -06:00
Todd C. Miller
53a95e3a50
Always allocate a struct sudo_command for the command, even for ALL.
...
Previously we special-cased handling of ALL but this complicates
some upcoming changes.
2021-08-18 09:12:19 -06:00
Todd C. Miller
786e5865cb
Add "intercept" Defaults setting to allow interception of sub-commands.
...
This causes "intercept" to be set to true in command_info[] which
the sudo front-end will use to determine whether or not to intercept
attempts to run further commands, such as from a shell. Also add
"log_children" which will use the same mechanism but only log (audit)
further commands.
2021-08-09 15:50:25 -06:00
Todd C. Miller
2db9e64214
Move reference-counted string code from sudoers to libsudo_util.
...
It will be used by sudo_logsrvd too.
2021-04-06 14:44:19 -06:00
Todd C. Miller
d7d80e703f
Use HAVE_STDINT_H instead of trying to guess based on __STDC_VERSION__.
...
Fixes compilation with pre-C99 headers when the compiler supports C99.
2021-03-10 12:27:14 -07:00
Todd C. Miller
04de04f544
The lexer now sets an error string before returning ERROR.
...
The parser will use that when reporting on an ERROR state. This
prevents the lexer from reporting errors about tokens that are not
actually consumed by the parser and we don't have to worry about
both the lexer and the parser reporting errors. It also means we
only get one error per sudoers line.
2021-02-08 13:43:49 -07:00
Todd C. Miller
9325a342b5
Go back to storing the last error file/line in sudoerserrorf().
...
This is still the best way to avoid displaying more than one error
per line.
2021-02-08 08:00:04 -07:00
Todd C. Miller
c19cb388bc
Add missing return statement when NO_LEAKS is not defined.
2021-02-07 13:37:21 -07:00
Todd C. Miller
b4cabdb394
Don't free the alias name in alias_add() if the alias already exists.
...
We need to be able to display it using alias_error().
Only free what we actually allocated in alias_add() on error and
let the caller handle cleanup. Note that we cannot completely fill
in the alias until it is inserted. Otherwise, we will have modified
the file and members parameters even if there was an error.
As a result, we have to remove those from the leak list after
alias_add(), not before.
2021-02-03 14:17:37 -07:00
Todd C. Miller
bd4e8bc699
Remove options from the leak list before freeing them.
...
Should fix oss-fuzz issue #30236
2021-02-03 07:52:38 -07:00
Todd C. Miller
bdb02b1eff
Go back to calling alias_free() on alias_add() failure.
...
We now need to remove the name and members from the leak list
*before* calling alias_add() since alias_add() will consume them
for both success and failure.
2021-02-02 14:40:37 -07:00
Todd C. Miller
f30670a42f
Plug a few more parser leaks.
2021-02-01 19:56:52 -07:00
Todd C. Miller
f59a8f3035
Make parser_leak_remove(type, NULL) a no-op.
2021-02-01 18:23:55 -07:00
Todd C. Miller
568931035d
Move new_member_all to ldap_util.c, it is only used by ldap/sssd.
2021-01-31 05:44:40 -07:00
Todd C. Miller
9ed14870c6
Add garbage collection to the sudoers parser to clean up on error.
...
This makes it possible to avoid memory leaks when there is a parse error.
2021-02-01 15:06:20 -07:00
Todd C. Miller
4e11bc0e26
Suppress PVS Studio false positives.
2021-01-06 14:27:09 -07:00
Todd C. Miller
108e29446d
Plug a memory leak in sudoerserrorf().
2021-01-06 14:12:04 -07:00
Todd C. Miller
92c88d4105
Quiet a few harmless cppcheck warnings.
2021-01-06 13:01:10 -07:00
Todd C. Miller
d98374753c
Change alias_add() to return bool and set errno on failure.
...
This fixes a localization problem where the error message could
have been reported in the wrong locale.
2020-12-02 13:12:09 -07:00
Todd C. Miller
95fb8eb727
Add sudoerserrorf(), a printf-style yyerror() function.
...
Use this to display a better error message when using a reserved
word in an alias definition.
2020-11-14 06:17:41 -07:00
Todd C. Miller
55c4f3bddd
Introduce new_member_all() for code that doesn't include gram.h.
...
The ldap and sssd back-ends no longer require gram.h which fixes a
compilation issue with IBM LDAP.
2020-11-10 19:36:56 -07:00
Todd C. Miller
f8a708dae3
Regenerate with bison 3.7.3
2020-11-09 16:52:26 -07:00
Todd C. Miller
6286ce1d16
Store column number for aliases, defaults and userspecs too.
...
This is used to provide the column number along with the line
number in error messages. For aliases we store the column of the
alias name, not the value since that is what visudo generally needs.
2020-11-02 05:39:06 -07:00
Todd C. Miller
982012dbb1
Display column number in parse error messages too.
...
Bug #841
2020-11-01 15:34:11 -07:00
Todd C. Miller
e8747a33f8
Add a newline at end of line if one is missing.
...
This is simpler than having to support entries that end at EOF too.
2020-09-27 20:21:05 -06:00
Todd C. Miller
7d20900616
Use sudoerschar (yychar) instead of last_token.
...
The parser already provides a way to examine the last token processed,
we don't need to add our own.
2020-09-26 06:39:57 -06:00
Todd C. Miller
70ada21c5b
Detect when a reserved word is used when declaring an alias.
...
Now instead of "syntax error, unexpected CHROOT, expecting ALIAS"
the message is "syntax error, reserved word used as an alias name"
Bug #941
2020-09-25 12:24:45 -06:00
Todd C. Miller
8a8a24560e
Fix copy and paste error; Coverity CID 214191
2020-09-03 13:23:27 -06:00
Todd C. Miller
578789c56f
Fix error recovery in a privilege after a ':' separator.
2020-09-02 11:01:09 -06:00
Todd C. Miller
fc563286ff
Initialize runchroot and runcwd in init_options()
2020-09-02 09:34:43 -06:00
Todd C. Miller
e3b85171f8
Regenerate the parser with "bison -y" for verbose syntax error messages.
2020-09-01 21:34:30 -06:00
Todd C. Miller
1676f0ceeb
Support "*" for CWD/CHROOT to allow user to specify cwd or chroot.
...
Adds two new command line options, -D (--chdir) and -R (--chroot)
that can only be used when sudoers sets runcwd or runchroot to "*".
2020-09-01 14:10:02 -06:00
Todd C. Miller
6bdfd010d2
Add CHROOT and CWD sudoers options.
...
Also matching runchroot and runcwd Defaults settings.
2020-09-01 06:26:00 -06:00