isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,192 Commits 1 Branch 0 Tags
1bcddb9602eeac0ff5543c5e85da5401cd94e24d
Commit Graph

20 Commits

Author SHA1 Message Date
Todd C. Miller
9c694e9a65 copy_vector: plug memory leak in error path 
Only the array was being freed, not the contents.
GitHub issue #202.
 2022-11-18 07:19:47 -07:00
Todd C. Miller
76bd1bcc95 copy_vector: treat a NULL pointer as an empty vector. 
Linux execve(2) allows argv to be NULL so we must allocate an empty
vector in this case and not return an error.
 2022-08-18 15:10:42 -06:00
Todd C. Miller
5516cdcd5b For preload DSO make copies of cmnd, argv, envp and map them read-only. 2022-07-25 19:56:54 -06:00
Todd C. Miller
226a6cd754 Use sudo_mmap_alloc functions in DSO-based intercept code. 2022-07-25 16:05:11 -06:00
Todd C. Miller
15fd62f0d5 resolve_path: skip non-regular files 2022-07-25 08:51:49 -06:00
Todd C. Miller
e5652fc65a Linux execve(2) allows argv or envp to be NULL. 
Add checks to make sure we don't deference a NULL pointer.
 2022-07-14 09:29:40 -06:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
f5ac1317c4 Make sudo pass -Wmissing-prototypes 2022-06-27 12:48:03 -06:00
Todd C. Miller
25a26f5042 Avoid using vfork(2) in the DSO system(3) wrapper. 
Traditional vfork(2) semantics make it unsafe for use for more than
just vfork(2) + execve(2).
 2022-06-03 09:43:34 -06:00
Todd C. Miller
cec83a05a3 Add configure check for vfork(2) and fall back to fork(2) if missing. 2022-05-31 14:47:39 -06:00
Todd C. Miller
f52342031d Add support for intercepting the system(3) function. 
This also means we can log system(3) with log_subcmds.
 2022-05-31 14:45:00 -06:00
Todd C. Miller
dc2b28d3e0 Pass envp, not environ, to real execve() from exec_wrapper() if possible. 
The replacement execve() function was passing the global environ
to exec_wrapper() instead of the envp parameter.  This caused the
command to be run with the wrong environment on AIX systems, and
possibly others, when intercept or log_subcmds was enabled.
Bug #1030.
 2022-05-26 16:33:46 -06:00
Todd C. Miller
3a4aec7a62 sudo_intercept.so: only replace execvpe() if it is present. 
execvpe() is a GNU extension also found on *BSD (but not macOS).
 2021-09-08 11:09:59 -06:00
Todd C. Miller
6c456127b3 Implement simple PATH resolution for execvp(). 
We want to use PATH from the current value of the environment, not
the initial value of PATH when the policy was opened.
This is a little different from how real execvp() works since we
use stat() instead of just execve().
 2021-09-07 19:55:47 -06:00
Todd C. Miller
7ae62866e4 Add support for execl, execle, execlp, execvp, and execvpe. 
Currently, PATH traversal is handled by sudoers which uses
the original PATH, not the one updated by the shell.
 2021-09-07 19:55:45 -06:00
Todd C. Miller
df68f4c8d9 Fix typo in macOS execv change. 2021-08-24 08:09:20 -06:00
Todd C. Miller
98401c0588 Add execv(3) support to sudo_intercept.so. 
This allows intercept to work with csh which uses execv(3) not execve(2).
 2021-08-21 08:44:16 -06:00
Todd C. Miller
dc281f0366 Add some debugging to the sudo_intercept.so. 2021-08-20 11:32:29 -06:00
Todd C. Miller
9c3df47da9 Move preload_dso() to its own file and rename to sudo_preload_dso(). 
It now takes an intercept fd as an optional argument instead of a
list of extra variables to add.  This lets us check whether it is
already set to the expected value (and add it if not).
sudo_intercept.so now uses sudo_preload_dso() to make sure that
LD_PRELOAD and SUDO_INTERCEPT_FD are set properly before executing.
 2021-08-09 15:50:25 -06:00
Todd C. Miller
4cf3d1c416 Implement sudo_intercept.so. 
Uses protobuf to talk to main sudo process over a socketpair.
 2021-08-09 15:50:25 -06:00