isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,997 Commits 1 Branch 0 Tags
3df7b64d8093b7f46d04940a3562363fbb3cce4a
Commit Graph

11997 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
3df7b64d80 Fix failure in check targets when there is no UTF-8 C locale. 2022-12-06 16:26:34 -07:00
Todd C. Miller
3d2082cdf3 Add SUDO_CHECK_NET_FUNC to check functions in the network libraries. 
If a function is not found, check again with "-lsocket", "-linet",
"-lsocket -lnsl", or "-lresolv".
Also display network libs in final summary as well as the different
linker flags.
 2022-12-06 16:09:26 -07:00
Todd C. Miller
f9639aca89 Make sure HAVE_MAILLOCK_H is defined on Solaris 10. 2022-12-06 14:03:40 -07:00
Todd C. Miller
2c97e7f471 Remove extraneous "(cached)" line when the -C option is used. 
We do not need to call AC_CACHE_VAL() to ensure that a variable is
cached, its name just needs to match the pattern *_cv_*.
 2022-12-06 13:47:03 -07:00
Todd C. Miller
3cdd044c68 Make path checks in sudo.m4 cachable. 2022-12-06 13:40:12 -07:00
Todd C. Miller
1b76f76122 Use AC_PATH_PROGS_FEATURE_CHECK to find mandoc/nroff. 
We don't use the NROFFPROG or MANDOCPROG any longer so no need
to set those.
 2022-12-06 12:18:26 -07:00
Todd C. Miller
dd1eb1f6c5 Don't check for _sys_siglist if sys_siglist is found. 2022-12-06 10:05:03 -07:00
Todd C. Miller
fd6484917e Fix check for sys_sigabbrev. 2022-12-06 08:55:44 -07:00
Todd C. Miller
29c36a3c1d Skip test for __func__ on C99 and above, avoid extra _sys_signame test. 2022-12-05 19:26:57 -07:00
Todd C. Miller
38ffd03cd6 Move gettext checks to m4/gettext.m4 2022-12-05 19:26:50 -07:00
Todd C. Miller
12da6bd0ce Move LDAP library checks to m4/ldap.m4 and make more tests cacheable. 2022-12-05 16:52:34 -07:00
Todd C. Miller
00e22508a7 Move OpenSSL/wolfSSL checks to m4/openssl.m4 2022-12-05 16:45:18 -07:00
Todd C. Miller
f515c238bc Move PIE executable checks to m4/pie.m4 2022-12-05 12:34:12 -07:00
Todd C. Miller
4220e6631b Move address sanitizer and fuzzer checks to m4/sanitizer.m4 2022-12-05 12:33:44 -07:00
Todd C. Miller
ea5668086c Move symbol visibility checks to m4/visibility.m4 2022-12-05 12:33:42 -07:00
Todd C. Miller
5bf5a4e26c Move hardening checks to m4/hardening.m4 2022-12-05 12:32:53 -07:00
Todd C. Miller
8718fc2083 Make cpp variadic arguments check into a macro and move to sudo.m4. 
Also move the PVS-Studio.cfg generation to sudo.m4.
 2022-12-05 09:47:21 -07:00
Todd C. Miller
ee6420ad5b Sync with OpenBSD. 2022-12-03 09:04:25 -07:00
Todd C. Miller
31152ba4d7 Merge pull request #218 from sohomdatta1/snprintf 
[snprintf] Check for '\0' to prevent undef memory read
 2022-12-03 06:54:53 -07:00
Sohom
8ac89f8d05 [snprintf] Check for '\0' to prevent undef memory read 2022-12-03 08:14:14 +05:30
Todd C. Miller
e707ffe58b Place C23 attributes before keywords in function declarations. 
In practice this means we must use "sudo_noreturn static foo(void)"
instead of "static sudo_noreturn foo(void)".
 2022-12-01 12:54:53 -07:00
Todd C. Miller
a44a005f0b Convert from using IPC::Open3 to IPC::Run. 
Run tests in a pty so check_ttyname works as expected.
Explicitly set short command line options letters in GetOptions().
Add a debug flag to help see what is going on internally.
Add hook for die() to kill running jobs when we are dying.
SSH_AGENT_PID will not be present if the agent is forwarded.
In close_persistent_connections() only close active connections.
 2022-11-30 11:19:44 -07:00
Todd C. Miller
16ae61dcd7 Use C23 [[__fallthrough__]] and [[__noreturn__]] attributes if supported. 
If the C23 attributes are not supported, use gcc-style attributes
where possible.
 2022-11-29 16:28:27 -07:00
Todd C. Miller
cfdcd96b63 Move the check for the fallthrough attribute outside the warnings block. 
Use AX_APPEND_FLAG instead of addind to CFLAGS directly.
 2022-11-29 16:04:14 -07:00
Todd C. Miller
63e58cbbec The distributed package build script I use to build all sudo packages. 
This is not included in the release tarball because it is of limited
use to other people.
 2022-11-28 12:46:32 -07:00
Todd C. Miller
a9cab46f88 Pass the list of files to include in the tarball on stdin. 
This avoids any limit on the size of argv.
 2022-11-25 11:01:38 -07:00
Todd C. Miller
9a36698164 Merge pull request #214 from BornThisWay/1124_repeated_invocation 
check_syntax(): Remove duplicate calls to init_defaults()
 2022-11-23 19:33:46 -07:00
modric
26cf125fb9 check_syntax(): Remove duplicate calls to init_defaults() 2022-11-24 09:42:05 +08:00
Todd C. Miller
46d286947e build_command_info: free command_info on failure. 
Once upon a time, command_info was a stack variable, now it is
dynamically allocated.  Coverity CID 299987.
 2022-11-22 17:26:24 -07:00
Todd C. Miller
eb4ae10ab4 Better handling of out-of-memory conditions. 2022-11-22 11:57:42 -07:00
Todd C. Miller
9fff5a5fae Keep group file open until the call to myendgrent(). 
This restores the previous behavior.
 2022-11-22 11:55:34 -07:00
Todd C. Miller
f066ff9e01 Eliminate a few harmless dead stores. 
Quiets warnings from Infer.
 2022-11-22 11:18:24 -07:00
Todd C. Miller
2f97da316e sudo_ldap_parse_option: add explicit NULL check for strchr(). 
This should not be needed since we only use the returned pointer
if it is larger than the string passed to strchr().
Quiets a warning from Infer.
 2022-11-22 11:17:30 -07:00
Todd C. Miller
a0d9963fe6 journal_fdopen: free journal_path and close journal before setting 
Fixes a potential resource leak that currently cannot happen.
Quiets a warning from Infer.
 2022-11-22 11:15:21 -07:00
Todd C. Miller
a37ecb2666 sudo_ldap_result_add_entry: check sudo_ldap_get_values_len() return value. 
Previously, we just compared the error code with LDAP_NO_MEMORY
when checking for sudoOrder since this is the only error we care about.
We now return NULL for LDAP_NO_MEMORY and ignore other errors.
Quiets a warning from Infer.
 2022-11-22 11:05:26 -07:00
Todd C. Miller
1c9c7bd34a Refactor code to open passwd/group file and add setpassent/setgroupent. 
This makes the "stayopen" semantics match the system passwd/group
functions.  The getpwent/getgrent functions now open the database
if it is not already open.
 2022-11-22 08:45:14 -07:00
Todd C. Miller
4d7823e518 gram.h: #line directives should reference gram.h not y.tab.h. 2022-11-22 07:27:11 -07:00
Todd C. Miller
7ac13204f2 Use clang, not /usr/bin/cc on FreeBSD and macOS. 
While /usr/bin/cc _is_ clang on those platforms, some static analyzers
get confused if we don't run it as clang.
 2022-11-22 07:21:01 -07:00
Todd C. Miller
da7a5ecabd Merge pull request #212 from BornThisWay/1122_null_deref 
sudo_rcstr_dup: Fix potential NULL pointer deref
 2022-11-21 19:27:59 -07:00
modric
dbfd84301a sudo_rcstr_dup: Fix potential NULL pointer deref 2022-11-22 10:12:29 +08:00
Todd C. Miller
3396267291 Add a reminder to the default lecture that the password will not echo. 
This line is only displayed when the pwfeedback option is disabled.
GitHub issue #195.
 2022-11-21 09:48:50 -07:00
Todd C. Miller
c3f138eaa2 Merge pull request #210 from BornThisWay/1121_typo 
Fix some typos
 2022-11-21 07:08:46 -07:00
modric
cbdc4883d1 Fix some typos 2022-11-21 14:50:22 +08:00
Todd C. Miller
6a5546b11f Merge pull request #208 from BornThisWay/1121_return 
intercept_read: Print and then return.
 2022-11-20 19:20:03 -07:00
modric
b1af59aa56 intercept_read: Print and then return. 2022-11-21 09:57:14 +08:00
Todd C. Miller
496ae6e6f0 Merge pull request #205 from BornThisWay/1119_access_null_pointer 
sudo_mmap_strdup_v1: Fix potential NULL pointer deref
 2022-11-20 07:44:46 -07:00
modric
1eabf13577 sudo_mmap_strdup_v1: Fix potential NULL pointer deref 2022-11-20 20:06:55 +08:00
Todd C. Miller
9c694e9a65 copy_vector: plug memory leak in error path 
Only the array was being freed, not the contents.
GitHub issue #202.
 2022-11-18 07:19:47 -07:00
Todd C. Miller
981cc2f8e3 Better matching of macOS version to SDK path. 2022-11-17 14:26:55 -07:00
Todd C. Miller
ad220d72d4 Merge pull request #200 from BornThisWay/fix_mem_leak_converse 
Fix memory leak of pass in converse().
 2022-11-17 08:16:40 -07:00