Todd C. Miller
49f2d67070
Fix support for AIX-style path(module) syntax in sudo.conf Plugin lines.
2022-12-22 16:45:13 -07:00
Todd C. Miller
d7b3673933
Add missing sudo_json_free().
2022-12-17 16:37:29 -07:00
Todd C. Miller
0614c1f626
check_pattern: check bounds as a repetition operator too.
...
Add regress to verify check_pattern() via sudo_regex_compile().
2022-12-17 15:09:30 -07:00
Todd C. Miller
f0530b66d3
Instead of collapsing duplicate repetition characters, reject them.
...
This is implementation-specific behavior--some regcomp(3) will
reject duplicate repetition characters (BSD), others will try to
support them (Glibc) but may allocate excessive amounts of memory.
2022-12-17 11:32:24 -07:00
Todd C. Miller
797cc917a8
Add basic regress for JSON functions.
...
Fix a bug in escaped control character handling.
Roll back changes to buffer if sudo_json_add_value() fails.
2022-12-15 19:49:11 -07:00
Todd C. Miller
e706204f5f
Escape control characters in strings.
2022-12-14 19:08:38 -07:00
Todd C. Miller
a04557c3d4
Fix memory leak in multiarch_test to quiet leak sanitizer.
2022-12-11 13:46:04 -07:00
Todd C. Miller
185fe31fea
Fix -Wsign-compare warning.
2022-12-06 18:21:49 -07:00
Todd C. Miller
3df7b64d80
Fix failure in check targets when there is no UTF-8 C locale.
2022-12-06 16:26:34 -07:00
Todd C. Miller
ee6420ad5b
Sync with OpenBSD.
2022-12-03 09:04:25 -07:00
Sohom
8ac89f8d05
[snprintf] Check for '\0' to prevent undef memory read
2022-12-03 08:14:14 +05:30
Todd C. Miller
f066ff9e01
Eliminate a few harmless dead stores.
...
Quiets warnings from Infer.
2022-11-22 11:18:24 -07:00
modric
dbfd84301a
sudo_rcstr_dup: Fix potential NULL pointer deref
2022-11-22 10:12:29 +08:00
modric
1eabf13577
sudo_mmap_strdup_v1: Fix potential NULL pointer deref
2022-11-20 20:06:55 +08:00
Todd C. Miller
5683fc6f7a
The name of the C locale w/ UTF-8 support is not always C.UTF-8.
...
Use a pattern to find it (if present) and use that value instead
of hard-coding C.UTF-8. This works around a leak sanitizer crash
on certain inputs.
2022-11-11 07:05:21 -07:00
Todd C. Miller
ecb5526fc8
Add missing include of sys/stat.h
2022-11-09 14:48:38 -07:00
Todd C. Miller
803998d2bd
Only add trailing carriage return to messages if output is a raw tty.
...
If output is being written to a terminal in "raw" mode, we need to
add a carriage return after the newline to avoid "stair-step" output.
However, we should not write the carriage return if the terminal
is in "cooked" mode, output to a pipe, or output redirected to a file.
Bug #1042.
2022-10-20 08:55:26 -06:00
Todd C. Miller
3ca21f9506
Fix a typo, muti-arch -> multi-arch
...
GitHub issue #185
2022-10-20 06:57:37 -06:00
Todd C. Miller
0be0757d64
Add fchownat() for systems without it.
2022-10-13 15:10:40 -06:00
Todd C. Miller
57b5ff8e8c
Avoid a -Wshadow warning on Solaris 9.
2022-10-07 11:00:17 -06:00
Todd C. Miller
0eb136d65c
Fix a build error on Solaris 9.
2022-10-07 09:28:27 -06:00
Todd C. Miller
7e20e4b80f
Apply multiarch rules when loading plugins too.
2022-10-06 12:46:38 -06:00
Todd C. Miller
0b506a2d07
sudo_dso_load: try multi-arch on Linux if we can't load the path.
...
For example, if loading /usr/lib/libsss_sudo.so fails, try again
with /usr/lib/x86_64-linux-gnu/libsss_sudo.so.
2022-10-05 15:26:14 -06:00
Todd C. Miller
b37bf44cdd
Add test for sudo open_parent_dir()
2022-10-05 12:36:14 -06:00
Todd C. Miller
3940020c94
sudo_secure_open_{file,dir}: always check that return value is not -1.
...
Avoids false positives from static analyzers that can't figure out
that the fd is always valid when error is SUDO_PATH_SECURE.
2022-10-04 09:33:44 -06:00
Todd C. Miller
719b7f933f
sudo_open_parent_dir: stop before creating the last path component
...
Fix a regression introduced in sudo 1.9.9 where the entire directory
path was created instead of just the parent directory.
2022-10-04 08:51:36 -06:00
Todd C. Miller
d37710b0f6
Use mkdtempat_np() and mkostempsat_np() on macOS
2022-09-22 11:34:00 -06:00
Todd C. Miller
9d654482b2
Convert remaining uses of sudo_mkdir_parents() to sudo_open_parent_dir().
2022-09-21 19:08:15 -06:00
Todd C. Miller
376d18b5da
Add fchownat() for systems without it.
2022-09-21 19:08:12 -06:00
Todd C. Miller
86c108b50b
Add mkdtempat() and mkostempsat() for systems without them.
2022-09-21 19:08:11 -06:00
Todd C. Miller
88ac5e09b6
Use sudo_secure_open_file() instead of sudo_secure_file() where possible.
...
Both sudo_secure_open_file() and sudo_secure_open_dir() are now passed
a struct stat pointer like sudo_secure_file() and sudo_secure_dir().
2022-09-21 19:08:10 -06:00
Todd C. Miller
cbd52e705c
Fix potential TOCTOU when creating time stamp directory and file.
2022-09-21 19:08:09 -06:00
Todd C. Miller
8c482bfeb2
sudo_mkdir_parents: just use memcpy() to copy the path component.
...
Using snprintf() for this is overkill, we need to do the same
length check either way.
2022-09-21 19:06:53 -06:00
Todd C. Miller
e916201448
regen
2022-09-21 11:29:38 -06:00
Todd C. Miller
c823ca1e45
Quiet libgcrypt run-time warning about not being initialized.
...
Fixes Debian bug #1019428 and Ubuntu bug #1397663.
2022-09-20 16:13:31 -06:00
Todd C. Miller
a326411903
Use $(GREP) and $(EGREP) variables in Makefile.in files.
2022-09-12 16:30:52 -06:00
Todd C. Miller
0af393e75b
Suppress PVS-Studio false positive.
2022-08-25 14:22:21 -06:00
Todd C. Miller
9ebaabfdde
sudo_dso_load: restore original error for AIX on failure.
...
For AIX, if dlopen() fails we try again with RTLD_MEMBER set
and a default member (shr.o or shr_64.o). However, if that
also fails, the user will receive a useless error message
that doesn't correspond to the actual problem. We now retry
the original dlopen() if the fallback to RTLD_MEMBER fails,
which has the effect of restoring the original error message.
2022-08-04 09:35:06 -06:00
Li zeming
c27acf55ec
util/arc4random: (void*) type pointer passing address could remove cast
...
Signed-off-by: Li zeming <zeming@nfschina.com>
2022-08-02 13:39:40 -06:00
Tim Shearer
e4f08157b6
Fix incorrect SHA384/512 digest calculation.
...
Resolves an issue where certain message sizes result in an incorrect
checksum. Specifically, when:
(n*8) mod 1024 == 896
where n is the file size in bytes.
2022-08-02 10:53:15 -04:00
Todd C. Miller
23ab31fce0
Avoid a Coverity positive.
2022-07-26 13:05:46 -06:00
Todd C. Miller
3421c8b6ce
Fix potential NULL pointer dereference found by clang-analyzer.
2022-07-26 11:44:12 -06:00
Todd C. Miller
5516cdcd5b
For preload DSO make copies of cmnd, argv, envp and map them read-only.
2022-07-25 19:56:54 -06:00
Todd C. Miller
e43c964c43
Use sudo_mmap_alloc functions instead of private versions.
...
We no longer need to keep track of the allocation size.
2022-07-25 16:05:10 -06:00
Todd C. Miller
fccf3c9c56
Add sudo_mmap_{alloc,allocarrary,strdup,free} functions.
...
These allocate memory via mmap anonymous regions and store the mapped
size immediately before the returned pointer as an unsigned long.
They are intended to be used in cases where malloc(3) and free(3)
are unsuitable due to concerns about corrupting global state in
multi-threaded programs or signal handlers.
2022-07-25 15:08:11 -06:00
Todd C. Miller
e5652fc65a
Linux execve(2) allows argv or envp to be NULL.
...
Add checks to make sure we don't dereference a NULL pointer.
2022-07-14 09:29:40 -06:00
Todd C. Miller
f6e4d2765a
Add explicit include of unistd.h for getopt(3) and related variables.
2022-07-05 11:35:25 -06:00
Todd C. Miller
42c6d9fb50
In timegm() initialize tm_isdst to 0 like tzcode does.
2022-07-01 14:23:28 -06:00
Todd C. Miller
50813f8160
Quiet another -Wwrite-strings warning.
2022-06-29 16:41:11 -06:00
Todd C. Miller
3e21c8da5c
Add missing PVS Studio Open Source comments.
...
Also avoid checking protobuf-c source and protobuf-c generated files.
2022-06-29 09:45:04 -06:00