Commit Graph

525 Commits

Author SHA1 Message Date
Todd C. Miller
5d4142f294 libsudo_util depends on LT_DEP_LIBS even when building a static lib 2019-06-10 13:27:12 -06:00
Todd C. Miller
81c6cac81b Solaris getentropy() requires that sys/random.h be included. 2019-06-10 12:12:57 -06:00
Todd C. Miller
cd2cfeb8cb It is safe to assume _POSIX_VDISABLE is defined.
The old compat defines were to support pre-termios systems.
2019-05-16 12:24:48 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
30a56af6ef FreeBSD's /dev/fd only contains fds 0-2 unless fdescfs is mounted.
In practice this doesn't matter since FreeBSD >= 8 has a native closefrom
2019-04-26 15:21:29 -06:00
Todd C. Miller
de65d70929 Add a proper getdelim(3) replacement and use it instead of getline(3). 2019-04-08 10:37:30 -06:00
Todd C. Miller
731e796711 Fix the counting of supplementary groups on AIX.
We should not assume that basegid will be present in the list of
gids returned by getgrset().
2019-03-18 14:08:21 -06:00
Todd C. Miller
17ca31c381 Ignore EOVERFLOW from pstat_getproc(), it is not a fatal error.
It just means that one of the fields in pstat lacks the precision to
store a value.  That's not an issue for pst_highestfd.
2019-03-06 20:13:40 -07:00
Todd C. Miller
683c65b98b Only export sudo_arc4random_uniform() if arc4random_uniform() is missing. 2019-02-18 16:03:55 -07:00
Todd C. Miller
f17683482b Quiet a warning on gcc 8 2019-02-18 15:56:12 -07:00
Todd C. Miller
13c3244220 include stddef.h to make sure we get NULL 2019-02-04 14:07:20 -07:00
Todd C. Miller
985600e7f0 Minor snprintf() usage tweaks:
1) don't assume snprintf() returns -1 on error, check for <0
2) when comparing return value of sizeof(foo), cast the sizeof, not the len
3) cast return value to void in cases where snprintf cannot fail
2019-01-20 07:49:48 -07:00
Todd C. Miller
f7d7a9a619 Fix the default nofiles and stack hard limits.
The table of default hard limits in /etc/security/limits was out
of date with respect to the current documentation.  The default
hard limit for nofiles should be unlimited, not 8196.  The default
hard limit for stack should be 4194304 blocks (which fits in an
unsigned long on 32-bit platforms).
2019-01-07 09:38:03 -07:00
Todd C. Miller
716aa6e4ab Support st_nmtime in struct stat as found in HP-UX. 2018-11-14 13:37:46 -07:00
Todd C. Miller
7c5469264d If fcntl fails, fall back to the /proc implementation. 2018-11-14 13:37:45 -07:00
Todd C. Miller
537a2f9773 Only use closefrom_fallback() if no better method exists.
The previous logic was too fragile.
2018-11-08 15:17:39 -07:00
Todd C. Miller
cdd5bb32eb Add sudo_gai_fatal, sudo_gai_vfatal, sudo_gai_vwarn, sudo_gai_warn
and gai_log_warning that use gai_strerror() instead of strerror().
2018-11-05 09:08:05 -07:00
Todd C. Miller
ffe2041a02 Skip sudo_getgrouplist2() check on systems with getgrouplist_2().
sudo_getgrouplist2() is just a wrapper on such systems and this
avoids a test failure on macOS where a user is automatically a
member of certain groups.
2018-10-26 11:11:58 -06:00
Todd C. Miller
e22410ba64 Add missing exported symbol sudo_term_eof 2018-10-26 10:45:12 -06:00
Todd C. Miller
a3cb22b467 Check the user's primary gid from the passwd file too. 2018-10-26 10:24:38 -06:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
019279a4b8 Fix some mangled text in the license block. 2018-10-26 08:19:41 -06:00
Todd C. Miller
404524c4ef Add regress test for sudo_getgrouplist2().
This test assumes all the groups in root's group list can
be resolved by group ID.
2018-10-26 06:52:46 -06:00
Todd C. Miller
78d35de935 Remove an errant grset++ in the AIX version of sudo_getgrouplist2().
Bug #857
2018-10-25 07:17:31 -06:00
Todd C. Miller
cb588f2337 Pass --sourcetree-root to pvs-studio and don't check sudo_noexec.c.
Since we don't auto-generate dependencies for sudo_noexec.c we
can't easily check it from outside the source tree.  This
is not a problem as it just contains stub functions.
2018-10-22 09:12:17 -06:00
Todd C. Miller
3710d5ba07 Add support for CLOCK_MONOTONIC_RAW and CLOCK_UPTIME_RAW, present
on macOS.
2018-10-21 15:24:33 -06:00
Todd C. Miller
c5df091123 Add pvs-studio target and associated production rules. 2018-10-21 08:46:05 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
8c94175ba1 Avoid some PVS-Studio false positives. 2018-10-19 13:35:20 -06:00
Todd C. Miller
939585e906 tv_nsec can never be negative after timespecsub.
Found by PVS Studio
2018-10-17 06:21:48 -06:00
Todd C. Miller
2b56252210 Handle EOF on password input when pwfedback is enabled. 2018-10-08 06:47:53 -06:00
Todd C. Miller
d8870177c2 Pass getgrouplist() NGROUPS_MAX+1, not NGROUPS_MAX so we have room
for the primary gid.
2018-09-22 12:55:44 -06:00
Todd C. Miller
c639c965cf Fix a crash in the event system's poll() backend introduced with
support for nanosecond timers.  Only affects systems without ppoll().
Bug #851
2018-09-12 07:02:13 -06:00
Todd C. Miller
a924b4610b Fix warnings on OpenIndiana (Illumos) 2018-08-30 14:06:18 -06:00
Todd C. Miller
5fea22e514 sync 2018-08-26 19:31:20 -06:00
Todd C. Miller
63f7aa8fcf Backward ABI compatibility for even functions that use a timeval. 2018-08-25 21:02:07 -06:00
Todd C. Miller
6b76f9dbd3 Use a monotonic timer for the event subsystem. 2018-08-25 21:02:06 -06:00
Todd C. Miller
04d1f56d90 Use struct timespec, not struct timeval in the event subsystem.
Use ppoll() or pselect() if avaialble which use timespec.
2018-08-25 21:02:05 -06:00
Todd C. Miller
fe965c3a31 Fix typo in last commit. 2018-08-22 19:15:26 -06:00
Todd C. Miller
d876602dbf Do not assume all Linux has linux/random.h.
Add missing sys/syscall.h include
2018-08-22 15:12:11 -06:00
Todd C. Miller
ad104a3e47 Fix setting of errno when gotdata() fails. 2018-08-22 10:36:00 -06:00
Todd C. Miller
df1c062526 HP-UX doesn't suport CLOCK_MONOTONIC but we can use gethrtime() instead. 2018-08-20 10:56:34 -06:00
Todd C. Miller
6953e7fc79 Move updating of the window size to the monitor process.
This will allow us to close the slave in the main sudo process in
the future so only the command and monitor have it open.
2018-08-20 10:04:14 -06:00
Todd C. Miller
b3227d3ed5 Add sudo_gettime_uptime() to measure time while not sleeping. 2018-08-19 09:55:08 -06:00
Todd C. Miller
86413f95ec Don't need to preallocate 4 x NGROUP_MAX on AIX or BSD/Linux.
For BSD/Linux, getgrouplist(3) will tell us the number of groups if
we don't have enough.  For AIX, we can count the entries in the
group set before allocating the group vector.
2018-07-26 15:12:26 -06:00
Todd C. Miller
e7daff062f Linux getgrouplist(3) returns the number of groups on success instead
of 0 like BSD.
2018-07-23 07:23:17 -06:00
Todd C. Miller
33f96a0347 Use madvise(2) with MADV_WIPEONFORK if available. 2018-07-03 13:58:49 -06:00
Todd C. Miller
0ae9662833 Add sudo_getgrouplist2() to dynamically allocate the group vector.
This allows us to avoid repeatedly calling getgrouplist() with
a statically sized vector on macOS, Solaris, HP-UX, and AIX.
2018-06-15 14:05:13 -06:00
Todd C. Miller
43003d29d8 Use arc4random for mkstemp() and insults. 2018-05-24 21:04:23 -06:00
Todd C. Miller
ddd663a5f2 Import arc4random() from libressl. This takes an all-in-one approach
instead of the one-file-per-OS approach that libressl takes.
The fallback code does not have as many OS-specific bits as libressl.
2018-05-24 21:04:23 -06:00