Commit Graph

103 Commits

Author SHA1 Message Date
Todd C. Miller
4abd2a6cf4 Merge in Solaris privilege support by Darren Moffat and John Zolnowsky 2012-07-26 13:49:21 -04:00
Todd C. Miller
8a7ac44590 Fix #includedir; from Mike Frysinger 2012-05-17 15:42:57 -04:00
Todd C. Miller
2c84bd4d08 Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR.
Log the function, file and line number in the debug log for warning()
and error().
2012-04-05 12:37:15 -04:00
Todd C. Miller
aecb5206e2 Fix compiler warnings on some platforms and provide a better method
of defeating gcc's warn_unused_result attribute.
2012-03-29 10:33:40 -04:00
Todd C. Miller
b330cbbed8 We should always call warning() with a format string or a string literal.
In this case, the argument (path) is not user-controlled.
2012-03-15 08:47:23 -04:00
Todd C. Miller
8d05f0d1b0 Add type param to sudo_secure_path() and add sudo_secure_file()
and sudo_secure_dir() wrappers which get by #includedir in sudoers.
2012-02-29 15:50:48 -05:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
481877e3b8 Add support for relative paths in #include and #includedir 2011-11-17 20:48:42 -05:00
Todd C. Miller
ab437ae6c3 Add lexer tracing as debug@parser 2011-11-12 12:41:44 -05:00
Todd C. Miller
09beba8259 Revert 003bdb078a15. We need to #include <gram.h> not "gram.h" and
<def_data.h> and not "def_data.h" when generating the parser in a
build dir.
2011-11-12 12:18:44 -05:00
Todd C. Miller
0bf68d2103 #include "gram.h" not <gram.h> and "def_data.h" and not <def_data.h>. 2011-11-08 14:09:48 -05:00
Todd C. Miller
bd881c26e8 Keep track of the last token returned. On error, if the last token was
COMMENT, decrement sudolineno since the error most likely occurred on
the preceding line.  Previously we always used sudolineno-1 which will
give the wrong line number for errors within a line.
2011-11-05 07:37:14 -04:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere.
Remove old sudo_debug() and convert users to sudo_debug_printf().
2011-10-22 14:40:21 -04:00
Todd C. Miller
4f9a93f658 Fix some potential problems found by the clang static analyzer,
none serious.
2011-07-28 10:59:37 -04:00
Todd C. Miller
f6aea10724 Quiet compiler warning when SELinux is enabled. 2011-05-16 16:52:34 -04:00
Todd C. Miller
b643b190a7 Prepare sudoers module messages for translation. 2011-05-16 16:32:05 -04:00
Todd C. Miller
4dd3440cb6 Split ALL, ROLE and TYPE into their own actions. Since you can
only have #ifdefs inside of braces, ROLE and TYPE use a naughty
goto in the non-SELinux case.  This is safe because the actions are
in one big switch() statement.
2011-04-29 16:05:50 -04:00
Todd C. Miller
189817a313 Fix regexp for matching a CIDR-style IPv4 netmask. From Marc Espie. 2011-04-29 11:22:49 -04:00
Todd C. Miller
c6ad6d29e5 Treat a missing includedir like an empty one and do not return an error. 2011-04-14 14:27:11 -04:00
Todd C. Miller
c82e29f274 Add '!' token to lex tracing 2011-03-31 13:42:05 -04:00
Todd C. Miller
ca32055fd8 Avoid using pre or post increment in a parameter to a ctype(3)
function as it might be a macro that causes the increment to happen
more than once.
2011-03-31 12:48:01 -04:00
Todd C. Miller
041b1a896a Add back missing #include of config.h 2011-03-28 14:50:55 -04:00
Todd C. Miller
e3ff59e506 Use bitwise AND instead of modulus to check for length being odd.
A newline in the middle of a string is an error unless a line
continuation character is used.
2011-03-27 17:12:45 -04:00
Todd C. Miller
45b82039be Move lexer globals initialization into init_lexer. 2011-03-27 09:45:42 -04:00
Todd C. Miller
aed50b4d7b Fix a potential crash when a non-regular file is present in an
includedir.  Fixes bz #452
2011-03-27 09:27:43 -04:00
Todd C. Miller
31c164dae1 Make an empty group or netgroup a syntax error. 2011-03-24 11:00:30 -04:00
Todd C. Miller
784d0dda37 Allow a group ID in the User_Spec. 2011-03-24 10:37:34 -04:00
Todd C. Miller
fe1bc681ba Return an error for the empty string when a word is expected.
Allow an ID for per-user or per-runas Defaults.
2011-03-23 18:51:57 -04:00
Todd C. Miller
06bf685b33 Restore ability to define TRACELEXER and have trace output go to stderr. 2011-03-21 17:57:38 -04:00
Todd C. Miller
a2297743aa Restore old behavior of setting sawspace = TRUE for command line
args when a line continuation character is hit to avoid causing
problems for existing sudoers files.
2011-03-21 17:46:50 -04:00
Todd C. Miller
c7dd8399eb If we match a rule anchored to the beginning of a line after parsing
a line continuation character, return an ERROR token.  It would be
nicer to use REJECT instead but that substantially slows down the
lexer.
2011-03-21 12:48:33 -04:00
Todd C. Miller
edfb5cd7a2 Move LEXTRACE macro to toke.h so we can use it in yyerror(). 2011-03-21 12:39:06 -04:00
Todd C. Miller
a27b3f3407 Make lex tracing settable at run-time in testsudoers via the -t
flag.  Trace output goes to stderr.  Will be used by regress tests
to check lexer.
2011-03-20 21:25:57 -04:00
Todd C. Miller
f083e72a57 Allow whitespace after the modifier in a Defaults entry.
E.g. "Defaults: username set_home"
2011-03-20 12:24:36 -04:00
Todd C. Miller
6170002e6f We normally transition from GOTDEFS to STARTDEFS on whitespace, but
if that whitespace is followed by a comma, we want to treat it as
part of a list and not transition.
2011-03-17 16:36:13 -04:00
Todd C. Miller
88e35a1932 Fix parsing of double-quoted names in Defaults and Aliases which was
broken in 601d97ea8792.
2011-03-17 15:06:55 -04:00
Todd C. Miller
342e351d58 match quoted strings the same way whether in a Defaults line or as
a user/group/netgroup name.  Fixes escaped double quotes in quoted
user/group/netgroup names.
2011-01-31 15:13:51 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
f7f8b6867e Update copyright year to 2011 2011-01-20 16:46:56 -05:00
Todd C. Miller
4cc6322b48 Move fill macro to toke.h 2011-01-08 19:34:31 -05:00
Todd C. Miller
400b6ffe20 Split tokenizer utility functions out into toke_util.c 2011-01-08 15:42:39 -05:00
Todd C. Miller
866ffd0bdb ANSIfy 2011-01-08 15:15:30 -05:00
Todd C. Miller
39d1167f33 Include config.h before any other includes to make sure we get the
right value for _FILE_OFFSET_BITS.
2010-11-09 08:55:55 -05:00
Todd C. Miller
5403757edf Add missing LOG_INPUT/LOG_OUTPUT support in the lexer. 2010-09-07 17:16:05 -04:00
Todd C. Miller
1229406720 Add %option noinput 2010-08-02 18:17:51 -04:00
Todd C. Miller
fd6b72f48e Add support for negated user/host/command lists in a Defaults entry.
E.g. Defaults:!baduser noexec
2010-07-07 14:33:27 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX
Set administrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
2010-06-29 13:08:05 -04:00
Todd C. Miller
27a94faf73 A comment character may not be part of a command line argument
unless it is quoted with a backslash.  Fixes parsing of:
    testuser ALL=NOPASSWD: /usr/bin/wl #comment foo bar
closes bz #441
2010-06-10 17:52:51 -04:00
Todd C. Miller
32d4697a89 Do not override value of keepopen global, instead restore it to the
value we pushed onto the stack when popping.
2010-06-10 16:36:41 -04:00
Todd C. Miller
303da7b820 If a file in a #includedir has improper permissions or owner just
skip it.  This prevents packages that incorrectly install a file
into /etc/sudoers.d from breaking sudo so easily.  Syntax errors
in #includedir files still result in a parse error (for now).
2010-06-08 16:53:38 -04:00