isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,874 Commits 1 Branch 0 Tags
57b5ff8e8cba59b09b1ec2bc192a799f5ca19e65
Commit Graph

151 Commits

Author SHA1 Message Date
Todd C. Miller
851247e58c Split iolog_fileio.c into multiple files. 2021-02-26 21:07:48 -07:00
Todd C. Miller
d51d4af7a6 Break out I/O log config handling into iolog_conf.c. 2021-02-26 15:02:58 -07:00
Todd C. Miller
7144955b07 regen Makefile.in 2021-02-26 14:30:16 -07:00
Todd C. Miller
80e223b6c8 Remove unnecessary warnings, we want to fail silently. 2021-02-25 16:15:47 -07:00
Todd C. Miller
1ae4c1bf67 Remove fuzzer targets in "make clean" 2021-02-24 15:25:44 -07:00
Todd C. Miller
a3f38fac0c Set program name in fuzzers so we get consisten warnings. 2021-02-24 15:14:58 -07:00
Todd C. Miller
b93aad4e95 Move iolog info log writing to iolog_loginfo.c 2021-02-24 15:01:37 -07:00
Todd C. Miller
a56f7daeea Split iolog_util.c into iolog_loginfo.c and iolog_timing.c. 
Also rename check_iolog_util -> check_iolog_timing.
 2021-02-24 14:40:33 -07:00
Todd C. Miller
2a657e2a12 Move legacy I/O log info file parsing to iolog_legacy.c 2021-02-24 14:34:14 -07:00
Todd C. Miller
03e610dab5 Strings in dictionary files need to be quoted. 2021-02-23 12:38:02 -07:00
Todd C. Miller
081e219e23 Add dictionary files for fuzzers where possible. 2021-02-23 11:28:47 -07:00
Todd C. Miller
14c71eaa86 Add clean rules to .PHONY target. 2021-02-19 08:54:04 -07:00
Todd C. Miller
9f1e016cde Add install-fuzz Makefile target to install the fuzzers and seed corpus. 
The FUZZ_DESTDIR make variable needs to be set in the environment
or on the command line.
 2021-02-18 19:38:54 -07:00
Todd C. Miller
e047e99306 Use %td when printing the difference of two pointers. 2021-02-18 07:22:36 -07:00
Todd C. Miller
abdef93f72 Remove duplicated MALLOC_OPTIONS and MALLOC_CONF env variables. 2021-02-17 13:06:35 -07:00
Todd C. Miller
dc45ac5bc7 On parse error, display line and column instead of the offending line. 2021-02-17 11:29:08 -07:00
Todd C. Miller
4a279d5767 Pass I/O log memory allocation errors up to the caller. 2021-02-16 16:55:25 -07:00
Todd C. Miller
d81d7e0cf2 Fix unlinking of timing temp file. 2021-02-15 13:46:11 -07:00
Todd C. Miller
de2a47f273 Set MALLOC_OPTIONS and MALLOC_CONF for all regress targets. 2021-02-15 13:17:46 -07:00
Todd C. Miller
ea7a70e85d For "make fuzz" only fuzz the seed corpus. 
This way we avoid files generated by the fuzzer itself.
 2021-02-15 07:35:19 -07:00
Todd C. Miller
eedc72d7b9 Make fuzz targets depend on fuzzer stub library. 
We really want a dependency on $(LIB_FUZZING_ENGINE) but that could
be a flag like "-fsanitize=fuzzer" instead of a path.
 2021-02-12 15:35:18 -07:00
Todd C. Miller
53e3dca7a6 Fix up some .la file library dependencies. 
libsudo_iolog.la already depends on libsudo_util.la and libsudo_eventlog.la
so we don't need to list those explicitly when libsudo_iolog.la is listed.
 2021-02-10 16:47:38 -07:00
Todd C. Miller
bbfd430cf9 feof(3) returns non-zero at EOF, not necessarily 1. 
On Illumos at least it returns a value other than 1.
 2021-02-09 18:25:03 -07:00
Todd C. Miller
91351d57f4 Suppress PVS Studio false positives. 2021-02-08 16:31:03 -07:00
Todd C. Miller
63a3f62547 Add fuzz Makefile target and run fuzzer corpus in make check. 2021-02-08 04:56:17 -07:00
Todd C. Miller
30d9497eb6 Add stub library that just feeds files to the fuzzing target. 
This will allow the fuzzers to be run as part of "make check".
 2021-02-07 15:43:51 -07:00
Todd C. Miller
a72d743ec8 Fall back to a temp file if fmemopen() is not available(). 2021-02-07 13:56:15 -07:00
Todd C. Miller
55df5efdce Add --enable-fuzzer-linker and --enable-fuzzer-engine options. 
These will allow the fuzzers to be built as part of oss-fuzz.
 2021-02-07 05:52:45 -07:00
Todd C. Miller
6216fb3cca Add --enable-fuzzer option to use when building fuzzers 2021-02-06 13:28:39 -07:00
Todd C. Miller
4480e26972 Build (but don't run) fuzzers as part of "make check". 
Uses a stub to make it possible to link w/o libfuzzer.
The goal is to ensure the fuzzers are always buildable and avoid bit rot.
 2021-02-06 08:38:38 -07:00
Todd C. Miller
ecaa9cd08d Add libsudo_eventlog.la as a dependency of libsudo_iolog.la 
No longer need to link against libsudo_eventlog.la in sudoers.
 2021-02-06 08:36:01 -07:00
Todd C. Miller
1c02c14c35 Add more test files for fuzzers. 2021-02-05 19:30:00 -07:00
Todd C. Miller
5c2a21350d fuzzer for I/O log timing files 2021-02-04 19:22:15 -07:00
Todd C. Miller
47f08e986f In JSON, name/value pairs must be separated by a comma. 
Previously we didn't require the comma to be there.
 2021-02-04 18:01:53 -07:00
Todd C. Miller
92cf172eda Detect integer overflow when converting JSON_ARRAY to string vector. 
Extremely unlikely to happen but better safe than sorry.
 2021-02-04 16:10:35 -07:00
Todd C. Miller
d2901f4121 Add fuzzer for legacy I/O log info file. 2021-02-03 07:41:20 -07:00
Todd C. Miller
20b3904f4f Add missing fclose(3) of fmemopen(3) stream; it does not modify the data. 2021-02-02 13:58:31 -07:00
Todd C. Miller
2fd4a2ad71 Check for unexpected value after checking the name, not before. 2021-02-02 13:32:29 -07:00
Todd C. Miller
71997da168 Fix potential leak of evlog->runuser. 
Also warn if we find an unexpected JSON type.
 2021-02-02 10:27:27 -07:00
Todd C. Miller
1e3cecc608 Add initial fuzzers to be used by oss-fuzz. 
These are not yet hooked up to the sudo build.
 2021-02-01 15:17:57 -07:00
Todd C. Miller
4cd6350cad Fix crashes trying to parse invalid JSON. 
Found locally using libfuzzer/oss-fuzz.
 2021-01-30 16:16:23 -07:00
Todd C. Miller
de82d08e70 Plug memory leak if a key is listed more than once in the log.json file. 2021-01-30 16:15:24 -07:00
Todd C. Miller
5dc297d300 Fix crash when file does not exist. 2021-01-30 14:04:05 -07:00
Todd C. Miller
8781560e1b In json_stack_push() treat stack exhaustion like memory allocation failure. 
Return NULL instead of treating as a fatal error.
This should make life a little easier for oss-fuzz.
 2021-01-29 09:23:51 -07:00
Todd C. Miller
84b3a1dae1 Remove the --force option from the cppcheck args, it causes errors. 2021-01-06 13:01:09 -07:00
Todd C. Miller
71339c574f Check the return value of fcntl() when setting FD_CLOEXEC. 
This should never fail unless the fd is invalid.
Problem reported by Matthias Gerstner of SUSE.
 2021-01-06 10:16:00 -07:00
Todd C. Miller
6e1986e915 Remove #ifdefs around code using pread(3) and pwrite(3). 2021-01-02 10:43:34 -07:00
Todd C. Miller
8617833385 Minor fixes pointed out by cppcheck. 
Also add compareBoolExpressionWithInt to suppression list.
 2021-01-02 10:43:34 -07:00
Todd C. Miller
fe6e0fb215 If no JSON callback is provided, store the contents of struct eventlog. 
This moves the JSON formatting of struct eventlog out of libsudo_iolog
and into libsudo_eventlog where it belongs.
 2020-10-26 15:43:43 -06:00
Todd C. Miller
db72498257 Use struct eventlog in place of struct iolog_info. 2020-10-26 15:31:41 -06:00