isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,868 Commits 1 Branch 0 Tags
0b506a2d07df25073f08975687ce6ea44c35d65b
Commit Graph

164 Commits

Author SHA1 Message Date
Todd C. Miller
3dc8497b48 Add additional PVS-studio suppression comments for generated code. 2022-07-08 10:53:00 -06:00
Todd C. Miller
9bb288d10e Regenerate files after merging AppArmor integration. 2022-05-27 08:30:34 -06:00
Todd C. Miller
7c17f84a35 Add helper function to compile a regex that supports (?i). 2022-02-11 12:01:31 -07:00
Todd C. Miller
86d2173937 Add support for matching command and args using regular expressions. 
Either the command, its arguments or both may be (separate)
regular expressions.
 2022-02-10 18:26:24 -07:00
Todd C. Miller
4a49f16967 expand_include: add bounds checking when expanding %h escape. 2021-09-21 19:33:51 -06:00
Todd C. Miller
dc90df8de5 Check snprintf() return values even if we preallocated the correct amount. 
There are no remaining unchecked snprintf() that can actually overflow.
 2021-09-21 19:13:35 -06:00
Todd C. Miller
d9e8c852ba Quiet pvs-studio false positive: V557 Array overrun is possible. 
Make the zero length check explicit so as not to confuse static
(or human) analyzers.
 2021-09-18 09:51:32 -06:00
Todd C. Miller
786e5865cb Add "intercept" Defaults setting to allow interception of sub-commands. 
This causes "intercept" to be set to true in command_info[] which
the sudo front-end will use to determine whether or not to intercept
attempts to run further commands, such as from a shell.  Also add
"log_children" which will use the same mechanism but only log (audit)
further commands.
 2021-08-09 15:50:25 -06:00
Todd C. Miller
2db9e64214 Move reference-counted string code from sudoers to libsudo_util. 
It will be used by sudo_logsrvd too.
 2021-04-06 14:44:19 -06:00
Todd C. Miller
ac8f23ef9a Initialize the lbuf used by sudoers_trace_print() in init_lexer(). 
Free the old buffer if there is one, otherwise it would never be freed.
 2021-03-01 18:57:05 -07:00
Todd C. Miller
9937d08031 Distinguish between EOF and error using feof(3), not ferror(3). 
Our getdelim(3) emulation won't set the error flag if the error is
due to an allocation failure.  This explains the premature EOF
without error seen in Bug #960.
 2021-02-17 18:57:21 -07:00
Todd C. Miller
cbf73e19bb Portable workaround for getdelim(3) implementations modify buf on EOF. 
We should assume that the contents of buf are undefined when getdelim(3)
returns -1.  We now peek ahead one char and skip the getdelim(3) call if
EOF is detected.  This will preserve the original value of the last line.
 2021-02-09 18:23:23 -07:00
Todd C. Miller
cf18011466 Some getdelim(3) implementations write a NUL to the buffer on EOF. 
AIX and Illumos appear to have this behavior.  We now preserve the
first character of the buffer on EOF to work around this.
Fixes reporting of syntax errors on the last line of a file.
 2021-02-09 09:06:17 -07:00
Todd C. Miller
04de04f544 The lexer now sets an error string before returning ERROR. 
The parser will use that when reporting on an ERROR state.  This
prevents the lexer from reporting errors about tokens that are not
actually consumed by the parser and we don't have to worry about
both the lexer and the parser reporting errors.  It also means we
only get one error per sudoers line.
 2021-02-08 13:43:49 -07:00
Todd C. Miller
9325a342b5 Go back to storing the last error file/line in sudoerserrorf(). 
This is still the best way to avoid displaying more than one error
per line.
 2021-02-08 08:00:04 -07:00
Todd C. Miller
665f8d2e3e Only strip double quotes from an include path if len >= 2. 
Found locally using libfuzzer/oss-fuzz.
 2021-02-03 16:50:04 -07:00
Todd C. Miller
f5fc5d6417 If getdelim() returns a string with embedded NULs, truncate on first one. 
This should avoid some issues with the fuzzer.
 2021-02-03 15:13:18 -07:00
Todd C. Miller
10e37223b5 Reallocate the buffer correctly when appending a newline. 
Fixes a potential buffer overflow introduced in the last commit.
 2021-02-03 15:13:03 -07:00
Todd C. Miller
884b2fb86b Fix NUL termination when parsing a sudoers file with no ending newline. 
oss-fuzz issue #30252
 2021-02-03 13:49:21 -07:00
Todd C. Miller
077c9b0c74 sudoersrestart() does not reset state to INITIAL, do it in init_lexer(). 
Fixes spurious errors from fuzz_sudoers, which calls the parser multiple times.
 2021-02-03 13:00:09 -07:00
Todd C. Miller
63a63680b6 Push lexer leak tracking down into check_fill.c. 
This lets us track things correctly when buffers are realloc()d.
Rewrote fill() and append() to be more readable.
 2021-02-03 12:57:04 -07:00
Todd C. Miller
f30670a42f Plug a few more parser leaks. 2021-02-01 19:56:52 -07:00
Todd C. Miller
9ed14870c6 Add garbage collection to the sudoers parser to clean up on error. 
This makes it possible to avoid memory leaks when there is a parse error.
 2021-02-01 15:06:20 -07:00
Todd C. Miller
4e11bc0e26 Suppress PVS Studio false positives. 2021-01-06 14:27:09 -07:00
Todd C. Miller
772619b7ef Remove special case EOF handling; lines now always end in a newline. 
Previously we needed to emulate some of the state transitions that
happen at end-of-line at end-of-file as well.  Those are no longer
needed now that we are guaranteed to always have a newline at the end.
 2020-09-28 10:10:16 -06:00
Todd C. Miller
f984f49c38 Increment sudolinebuf.size after realloc(). 2020-09-27 21:31:44 -06:00
Todd C. Miller
e8747a33f8 Add a newline at end of line if one is missing. 
This is simpler than having to support entries that end at EOF too.
 2020-09-27 20:21:05 -06:00
Todd C. Miller
9bb91cb64b Fix handling of a command spec without a newline at the end. 
For include files, we may need to inject a newline token now that
the grammar requires lines to end with a newline or EOF.  There is
no END (EOF) token processed after popping off an include file since
everything is just treated as one big file.
 2020-09-27 10:05:35 -06:00
Todd C. Miller
0276a565e6 Mark sudoerserror() messages for translation. 2020-09-27 06:51:16 -06:00
Todd C. Miller
ddc1383838 Fix line number accounting when a string contains a newline. 
Strings are not allowed to span multiple lines without a continuation
character.  Also provide a better error message if we are in the
middle of a string and hit EOF.
 2020-09-27 06:47:19 -06:00
Todd C. Miller
7d20900616 Use sudoerschar (yychar) instead of last_token. 
The parser already provides a way to examing the last token processed,
we don't need to add our own.
 2020-09-26 06:39:57 -06:00
Todd C. Miller
6bdfd010d2 Add CHROOT and CWD sudoers options. 
Also matching runchroot and runcwd Defaults settings.
 2020-09-01 06:26:00 -06:00
Todd C. Miller
d72a48dc78 Add NOMATCH token and use it in the lexer for an unmatched pattern. 
The ERROR token is now only used for errors detected by the lexer
and for which we've already printed an error.  This lets us remove
the hack in sudoerserror() and just check last_token to determine
whether or not to display the error.
 2020-08-16 06:42:15 -06:00
Todd C. Miller
8a97150f56 Define YYERROR_VERBOSE for bison and rename COMMENT -> '\n' 
This results in better error messages when there is a parse error
 2020-08-10 13:59:31 -06:00
Todd C. Miller
3235e4353c Display more specific parser error messages when possible. 2020-08-07 14:20:45 -06:00
Todd C. Miller
91cc68d7fd Keep track of the position of the current token for error messages. 2020-08-07 14:13:25 -06:00
Todd C. Miller
99f43f8a00 Store the current line in our own buffer for better error messages. 2020-08-06 21:16:35 -06:00
Todd C. Miller
2a58b19f96 Add workaround for yyless() not resetting yy_at_bol. 2020-08-05 09:13:09 -06:00
Todd C. Miller
838255bb80 Replace /*FALLTHROUGH*/ in generated code. 2020-08-02 06:42:57 -06:00
Todd C. Miller
741c6f274e Add support for @include and @includedir 
These are less confusing than #include and #includedir when the
hash character is also the comment character.

This commit also adds real parsing of include directives as opposed
to the pure lexer approach used previously.  As a result, it is now
possible to include files with spaces by either using a double-quoted
string or escaping the space characters with a backslash.
 2020-05-20 13:10:53 -06:00
Todd C. Miller
a41d7b545a Fix a memory leak on error when including a file or directory. 2020-05-19 10:09:34 -06:00
Todd C. Miller
446ae3f507 Include string.h unconditionally and only use strings.h for strn?casecmp() 
In the pre-POSIX days BSD had strings.h, not string.h.
Now strings.h is only used for non-ANSI string functions.
 2020-05-18 07:59:24 -06:00
Todd C. Miller
8c08f5ef03 Allow Cmd_Alias in addition to Cmnd_Alias. 
Some people find using Cmd_Alias more natural.
 2020-03-11 11:17:38 -06:00
Todd C. Miller
d2314acae8 Don't require a newline at the end of include or includedir directives. 2020-02-14 14:06:45 -07:00
Todd C. Miller
486ee2b71f debug_decl and debug_decl_vars now require a semicolon at the end. 2019-12-22 08:48:16 -07:00
Todd C. Miller
37670a008b Fix parsing of double-quoted Defaults bindings that start with % or +. 
From sudo-1.8.23-fix-double-quote-parsing-for-Defaults-values.patch in RHEL 7.
 2019-08-20 10:25:38 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
ea3ede690f Ignore carriage return before a linefeed. 
This allows sudo to parse files with DOS-style line endings.
 2019-03-03 14:41:59 -07:00
Todd C. Miller
1e6e048180 Rename FOLLOW and NOFOLLOW tokens FOLLOWLNK and NOFOLLOWLNK. 
Fixes a namespace collision on Solaris when bison is used.
 2019-02-12 12:02:02 -07:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00