Todd C. Miller
5d4142f294
libsudo_util depends on LT_DEP_LIBS even when building a static lib
2019-06-10 13:27:12 -06:00
Todd C. Miller
81c6cac81b
Solaris getentropy() requires that sys/random.h be included.
2019-06-10 12:12:57 -06:00
Todd C. Miller
cd2cfeb8cb
It is safe to assume _POSIX_VDISABLE is defined.
...
The old compat defines were to support pre-termios systems.
2019-05-16 12:24:48 -06:00
Todd C. Miller
1e1ef61902
Add SPDX-License-Identifier to files.
2019-04-29 07:21:51 -06:00
Todd C. Miller
30a56af6ef
FreeBSD's /dev/fd only contains fds 0-2 unless fdescfs is mounted.
...
In practice this doesn't matter since FreeBSD >= 8 has a native closefrom
2019-04-26 15:21:29 -06:00
Todd C. Miller
de65d70929
Add a proper getdelim(3) replacement and use it instead of getline(3).
2019-04-08 10:37:30 -06:00
Todd C. Miller
731e796711
Fix the counting of supplementary groups on AIX.
...
We should not assume that basegid will be present in the list of
gids returned by getgrset().
2019-03-18 14:08:21 -06:00
Todd C. Miller
17ca31c381
Ignore EOVERFLOW from pstat_getproc(), it is not a fatal error.
...
It just means that one of the fields in pstat lacks the precision to
store a value. That's not an issue for pst_highestfd.
2019-03-06 20:13:40 -07:00
Todd C. Miller
683c65b98b
Only export sudo_arc4random_uniform() if arc4random_uniform() is missing.
2019-02-18 16:03:55 -07:00
Todd C. Miller
f17683482b
Quiet a warning on gcc 8
2019-02-18 15:56:12 -07:00
Todd C. Miller
13c3244220
include stddef.h to make sure we get NULL
2019-02-04 14:07:20 -07:00
Todd C. Miller
985600e7f0
Minor snprintf() usage tweaks:
...
1) don't assume snprintf() returns -1 on error, check for <0
2) when comparing return value of sizeof(foo), cast the sizeof, not the len
3) cast return value to void in cases where snprintf cannot fail
2019-01-20 07:49:48 -07:00
Todd C. Miller
f7d7a9a619
Fix the default nofiles and stack hard limits.
...
The table of default hard limits in /etc/security/limits was out
of date with respect to the current documentation. The default
hard limit for nofiles should be unlimited, not 8196. The default
hard limit for stack should be 4194304 blocks (which fits in an
unsigned long on 32-bit platforms).
2019-01-07 09:38:03 -07:00
Todd C. Miller
716aa6e4ab
Support st_nmtime in struct stat as found in HP-UX.
2018-11-14 13:37:46 -07:00
Todd C. Miller
7c5469264d
If fcntl fails, fall back to the /proc implementation.
2018-11-14 13:37:45 -07:00
Todd C. Miller
537a2f9773
Only use closefrom_fallback() if no better method exists.
...
The previous logic was too fragile.
2018-11-08 15:17:39 -07:00
Todd C. Miller
cdd5bb32eb
Add sudo_gai_fatal, sudo_gai_vfatal, sudo_gai_vwarn, sudo_gai_warn
...
and gai_log_warning that use gai_strerror() instead of strerror().
2018-11-05 09:08:05 -07:00
Todd C. Miller
ffe2041a02
Skip sudo_getgrouplist2() check on systems with getgrouplist_2().
...
sudo_getgrouplist2() is just a wrapper on such systems and this
avoids a test failure on macOS where a user is automatically a
member of certain groups.
2018-10-26 11:11:58 -06:00
Todd C. Miller
e22410ba64
Add missing exported symbol sudo_term_eof
2018-10-26 10:45:12 -06:00
Todd C. Miller
a3cb22b467
Check the user's primary gid from the passwd file too.
2018-10-26 10:24:38 -06:00
Todd C. Miller
6c3d20cb41
Convert PVS-Studio comment to ANSI C.
2018-10-26 08:39:09 -06:00
Todd C. Miller
019279a4b8
Fix some mangled text in the license block.
2018-10-26 08:19:41 -06:00
Todd C. Miller
404524c4ef
Add regress test for sudo_getgrouplist2().
...
This test assumes all the groups in root's group list can
be resolved by group ID.
2018-10-26 06:52:46 -06:00
Todd C. Miller
78d35de935
Remove an errant grset++ in the AIX version of sudo_getgrouplist2().
...
Bug #857
2018-10-25 07:17:31 -06:00
Todd C. Miller
cb588f2337
Pass --sourcetree-root to pvs-studio and don't check sudo_noexec.c.
...
Since we don't auto-generate dependencies for sudo_noexec.c we
can't easily check it from outside the source tree. This
is not a problem as it just contains stub functions.
2018-10-22 09:12:17 -06:00
Todd C. Miller
3710d5ba07
Add support for CLOCK_MONOTONIC_RAW and CLOCK_UPTIME_RAW, present
...
on macOS.
2018-10-21 15:24:33 -06:00
Todd C. Miller
c5df091123
Add pvs-studio target and associated production rules.
2018-10-21 08:46:05 -06:00
Todd C. Miller
64e5d34c57
Add comments in .c files so PVS-Studio will check them.
2018-10-21 08:46:05 -06:00
Todd C. Miller
8c94175ba1
Avoid some PVS-Studio false positives.
2018-10-19 13:35:20 -06:00
Todd C. Miller
939585e906
tv_nsec can never be negative after timespecsub.
...
Found by PVS Studio
2018-10-17 06:21:48 -06:00
Todd C. Miller
2b56252210
Handle EOF on password input when pwfedback is enabled.
2018-10-08 06:47:53 -06:00
Todd C. Miller
d8870177c2
Pass getgrouplist() NGROUPS_MAX+1, not NGROUPS_MAX so we have room
...
for the primary gid.
2018-09-22 12:55:44 -06:00
Todd C. Miller
c639c965cf
Fix a crash in the event system's poll() backend introduced with
...
support for nanosecond timers. Only affects systems without ppoll().
Bug #851
2018-09-12 07:02:13 -06:00
Todd C. Miller
a924b4610b
Fix warnings on OpenIndiana (Illumos)
2018-08-30 14:06:18 -06:00
Todd C. Miller
5fea22e514
sync
2018-08-26 19:31:20 -06:00
Todd C. Miller
63f7aa8fcf
Backward ABI compatibility for even functions that use a timeval.
2018-08-25 21:02:07 -06:00
Todd C. Miller
6b76f9dbd3
Use a monotonic timer for the event subsystem.
2018-08-25 21:02:06 -06:00
Todd C. Miller
04d1f56d90
Use struct timespec, not struct timeval in the event subsystem.
...
Use ppoll() or pselect() if avaialble which use timespec.
2018-08-25 21:02:05 -06:00
Todd C. Miller
fe965c3a31
Fix typo in last commit.
2018-08-22 19:15:26 -06:00
Todd C. Miller
d876602dbf
Do not assume all Linux has linux/random.h.
...
Add missing sys/syscall.h include
2018-08-22 15:12:11 -06:00
Todd C. Miller
ad104a3e47
Fix setting of errno when gotdata() fails.
2018-08-22 10:36:00 -06:00
Todd C. Miller
df1c062526
HP-UX doesn't suport CLOCK_MONOTONIC but we can use gethrtime() instead.
2018-08-20 10:56:34 -06:00
Todd C. Miller
6953e7fc79
Move updating of the window size to the monitor process.
...
This will allow us to close the slave in the main sudo process in
the future so only the command and monitor have it open.
2018-08-20 10:04:14 -06:00
Todd C. Miller
b3227d3ed5
Add sudo_gettime_uptime() to measure time while not sleeping.
2018-08-19 09:55:08 -06:00
Todd C. Miller
86413f95ec
Don't need to preallocate 4 x NGROUP_MAX on AIX or BSD/Linux.
...
For BSD/Linux, getgrouplist(3) will tell us the number of groups if
we don't have enough. For AIX, we can count the entries in the
group set before allocating the group vector.
2018-07-26 15:12:26 -06:00
Todd C. Miller
e7daff062f
Linux getgrouplist(3) returns the number of groups on success instead
...
of 0 like BSD.
2018-07-23 07:23:17 -06:00
Todd C. Miller
33f96a0347
Use madvise(2) with MADV_WIPEONFORK if available.
2018-07-03 13:58:49 -06:00
Todd C. Miller
0ae9662833
Add sudo_getgrouplist2() to dynamically allocate the group vector.
...
This allows us to avoid repeatedly calling getgrouplist() with
a statically sized vector on macOS, Solaris, HP-UX, and AIX.
2018-06-15 14:05:13 -06:00
Todd C. Miller
43003d29d8
Use arc4random for mkstemp() and insults.
2018-05-24 21:04:23 -06:00
Todd C. Miller
ddd663a5f2
Import arc4random() from libressl. This takes an all-in-one approach
...
instead of the one-file-per-OS approach that libressl takes.
The fallback code does not have as many OS-specific bits as libressl.
2018-05-24 21:04:23 -06:00