isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,878 Commits 1 Branch 0 Tags
3b205bc4120f5635d79a534258f0927df034db42
Commit Graph

81 Commits

Author SHA1 Message Date
Todd C. Miller
a299406291 Add fallback if /proc/self/stat or /proc/pid/psinfo is missing or invalid. 
If the /proc file indicates no terminal is present there is no fallback.
Bug #1020
 2022-02-02 08:32:44 -07:00
Todd C. Miller
d9b8311122 Fix compiler warning on FreeBSD. 2021-05-12 07:53:19 -06:00
Todd C. Miller
92c88d4105 Quiet a few harmless cppcheck warnings. 2021-01-06 13:01:10 -07:00
Todd C. Miller
88dcdcd11d Fix -Wshadow warnings. 2020-09-25 15:09:45 -06:00
Todd C. Miller
84e6e6ccf9 Update copyright year on some files where it was out of date. 2020-08-31 14:09:36 -06:00
Todd C. Miller
446ae3f507 Include string.h unconditionally and only use strings.h for strn?casecmp() 
In the pre-POSIX days BSD had strings.h, not string.h.
Now strings.h is only used for non-ANSI string functions.
 2020-05-18 07:59:24 -06:00
Todd C. Miller
486ee2b71f debug_decl and debug_decl_vars now require a semicolon at the end. 2019-12-22 08:48:16 -07:00
Todd C. Miller
f57e2d04a3 Older FreeBSD needs sys/param.h included before sys/user.h. 
From Darren Tucker
 2019-10-20 19:18:27 -06:00
Todd C. Miller
2512f6efbf Use sudo_strtonum() explicitly instead of via a macro. 2019-10-14 10:09:30 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
0766e0c647 Better comment about EOVERFLOW and pstat_getproc(). 
Also remove some useless casts.
 2019-03-06 20:15:11 -07:00
Todd C. Miller
985600e7f0 Minor snprintf() usage tweaks: 
1) don't assume snprintf() returns -1 on error, check for <0
2) when comparing return value of sizeof(foo), cast the sizeof, not the len
3) cast return value to void in cases where snprintf cannot fail
 2019-01-20 07:49:48 -07:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
217e0a9b4b Less confusing sysctl checks for kinfo_proc. 2018-03-05 17:35:02 -07:00
Todd C. Miller
ff5ac3ef0e Add tsdump, a simple utility to dump a timestamp file. To build, 
run "make tsdump" in the plugins/sudoers directory (it is not built
by default).  In order to map the tty device number to a name,
sudo_ttyname_dev() has been moved into libsudo_util.
 2018-01-11 10:49:20 -07:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
6d4d4594b7 Use _PATH_DEV consistently 2017-06-29 18:10:53 -06:00
Todd C. Miller
26d9043bf4 Avoid sign extension when assigning the value of tty_nr in 
/proc/self/stat on Linux.  It is an unsigned int value that
is printed as a signed int but dev_t is unsigned long long.
We need to cast to unsigned int before assigning to a dev_t.
 2017-06-03 08:45:29 -06:00
Todd C. Miller
c13ebffbce A command name may also contain newline characters so read 
/proc/self/stat until EOF.  It is not legal for /proc/self/stat to
contain embedded NUL bytes so treat the file as corrupt if we see
any.  With help from Qualys.

This is not exploitable due to the /dev traversal changes in sudo
1.8.20p1 (thanks Solar!).
 2017-05-31 09:14:31 -06:00
Todd C. Miller
15901c9487 Use /proc/self consistently on Linux. As far as I know, only AIX 
doesn't support /proc/self.
 2017-05-30 10:44:11 -06:00
Todd C. Miller
cc71b99849 Add a new "devsearch" Path setting to sudo.conf for configuring the 
/dev paths to traverse instead of hard-coding a list in ttyname.c
The default value can be set at configure time.
 2017-05-30 10:44:11 -06:00
Todd C. Miller
b3fe46ce65 Fix for CVE-2017-1000367, parsing of /proc/pid/stat on Linux when 
the process name contains spaces.  Since the user has control over
the command name this could be used by a user with sudo access to
overwrite an arbitrary file.
Thanks to Qualys for investigating and reporting this bug.

Also stop performing a breadth-first traversal of /dev when looking
for the device.  Only the directories specified in search_devs[]
are checked.
 2017-05-29 14:32:53 -06:00
Todd C. Miller
d989f8af30 In sudo_ttyname_scan() if dir is the empty string, set errno to 
ENOENT before returning.
 2017-04-12 17:06:48 -06:00
Todd C. Miller
3f022419ae Be consistent with the naming of the variable used to store the 
function return value.  Previously, some code used "rval", some
used "ret".  This standardizes on "ret" and uses "rc" for temporary
return codes.
 2016-09-08 16:38:08 -06:00
Todd C. Miller
40d0ecc7d6 Don't disable large file support for Linux, just SVR4-style /proc. 
Otherwise, stat(2) may fail on Linux when running a 32-bit sudo
on a 64-bit machine.  Bug #755
 2016-09-02 08:05:07 -06:00
Todd C. Miller
9b3ef072f9 Add support for garbage collecting info passed to the plugin before 
exit to appease address sanitizer's leak detector (and valgrind's
leak checker).  We can't free these sooner since the plugin may be
using the memory.  For plugin API 2.0 it should be make clear that
the plugin must make a copy of the data in the arrays passed in to
the plugin's open() function.  Only enabled if NO_LEAKS is defined.
 2016-01-27 15:37:15 -07:00
Todd C. Miller
0765f5fe7f fix typo in previous commit 2015-07-22 06:21:21 -06:00
Todd C. Miller
83d8cbf811 Fix errno value from get_process_ttyname() when no tty is present. 2015-07-21 15:20:49 -06:00
Todd C. Miller
aeaa6a6111 On AIX, only convert the tty device number from dev64_t to dev32_t 
if dev_t is 32-bits.
 2015-07-21 15:02:56 -06:00
Todd C. Miller
d96f8bcabb Avoid needless memory allocation when resolving the tty name. 2015-07-19 20:19:22 -06:00
Todd C. Miller
d77941c2be We require POSIX so no need to conditionally include dirent.h. 
Add a check for d_namlen and use the result in the NAMLEN macro.
 2015-07-02 09:24:48 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
7b086b6842 Quiet clang analyzer false positive. 2015-06-23 12:58:02 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
4f9cabd005 Remove obsolete memory.h include. 2015-06-18 21:02:57 -06:00
Todd C. Miller
cb63ca701c Avoid using exiting allocators in the front end. 2015-06-17 17:00:54 -06:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
acea28b9a5 Document why we need sys/param.h. 2015-01-14 11:01:41 -07:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
aecef4aa1d Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace 
pollution in libsudo_util.so.
 2014-06-27 09:30:52 -06:00
Todd C. Miller
134b2a4228 Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray(). 2014-04-22 16:02:28 -06:00
Todd C. Miller
d99b4f0909 Fix strtonum() usage when parsing /proc/self/stat on Linux. 
Bug #630
 2014-01-13 11:11:26 -07:00
Todd C. Miller
cbf41b8b96 The OpenBSD strtonum() uses very short error strings that can't 
be translated usefully.  Convert them to longer strings on error.
Also use the longer strings for atomode() and atoid().
 2013-12-11 13:43:10 -07:00
Todd C. Miller
8f9ce7249a Use strtonum() instead of atoi(), strtol() or strtoul() where possible. 2013-12-10 16:23:21 -07:00
Todd C. Miller
902215a8c0 Ignore EOVERFLOW from pstat_getproc(). The HP-UX kernel appears 
to return this in certain situations but it appears to be harmless
at least insofar as retrieving the tty goes.
 2013-11-30 18:43:57 -07:00
Todd C. Miller
99b7351de0 Fix some #if vs. #ifdef and remove an extraneous semicolon. 
Bug #624; from Daniel Richard G.
 2013-11-17 16:15:36 -07:00