isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,808 Commits 1 Branch 0 Tags
817f63b05d95d0e4bae381a1bb4503e1559b8fe8
Commit Graph

555 Commits

Author SHA1 Message Date
Todd C. Miller
0af393e75b Suppress PVS-Studio false positive. 2022-08-25 14:22:21 -06:00
Todd C. Miller
9ebaabfdde sudo_dso_load: restore original error for AIX on failure. 
For AIX, if dlopen() fails we try again with RTLD_MEMBER set
and a default member (shr.o or shr_64.o).  However, if that
also fails, the user will receive a useless error message
that doesn't correspond to the actual problem.  We now retry
the original dlopen() if the fallback to RTLD_MEMBER fails,
which has the effect of restoring the original error message.
 2022-08-04 09:35:06 -06:00
Li zeming
c27acf55ec util/arc4random: (void*) type pointer passing address could remove cast 
Signed-off-by: Li zeming <zeming@nfschina.com>
 2022-08-02 13:39:40 -06:00
Tim Shearer
e4f08157b6 Fix incorrect SHA384/512 digest calculation. 
Resolves an issue where certain message sizes result in an incorrect
checksum. Specifically, when:
(n*8) mod 1024 == 896
where n is the file size in bytes.
 2022-08-02 10:53:15 -04:00
Todd C. Miller
23ab31fce0 Avoid a Coverity positive. 2022-07-26 13:05:46 -06:00
Todd C. Miller
3421c8b6ce Fix potential NULL pointer deference found by clang-analyzer. 2022-07-26 11:44:12 -06:00
Todd C. Miller
5516cdcd5b For preload DSO make copies of cmnd, argv, envp and map them read-only. 2022-07-25 19:56:54 -06:00
Todd C. Miller
e43c964c43 Use sudo_mmap_alloc functions instead of private versions. 
We no longer need to keep track of the allocation size.
 2022-07-25 16:05:10 -06:00
Todd C. Miller
fccf3c9c56 Add sudo_mmap_{alloc,allocarrary,strdup,free} functions. 
These allocate memory via mmap anonymous regions and store the mapped
size immediately before the returned pointer as an unsigned long.
They are intended to be used in cases where malloc(3) and free(3)
are unsuitable due to concerns about corrupting global state in
multi-threaded programs or signal handlers.
 2022-07-25 15:08:11 -06:00
Todd C. Miller
e5652fc65a Linux execve(2) allows argv or envp to be NULL. 
Add checks to make sure we don't deference a NULL pointer.
 2022-07-14 09:29:40 -06:00
Todd C. Miller
f6e4d2765a Add explicit include of unistd.h for getopt(3) and related variables. 2022-07-05 11:35:25 -06:00
Todd C. Miller
42c6d9fb50 In timegm() initialize tm_isdst to 0 like tzcode does. 2022-07-01 14:23:28 -06:00
Todd C. Miller
50813f8160 Quiet another -Wwrite-strings warning. 2022-06-29 16:41:11 -06:00
Todd C. Miller
3e21c8da5c Add missing PVS Studio Open Source comments. 
Also avoid checking protobuf-c source and protobuf-c generated files.
 2022-06-29 09:45:04 -06:00
Todd C. Miller
e5834bd405 Use #include <config.h> not #include "config.h" for consistency. 
Otherwise, some compilers may do the wrong thing in a build
dir if there is a config.h file in the source dir too.
 2022-06-29 08:47:16 -06:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
f5ac1317c4 Make sudo pass -Wmissing-prototypes 2022-06-27 12:48:03 -06:00
Todd C. Miller
5787da7b21 Quiet a compiler warning on macOS. 
The getgrouplist() groups array on macOS is int * instead of gid_t *.
 2022-06-13 14:59:00 -06:00
Todd C. Miller
b77cbb2e67 Fix building with select (not poll) when fd_set is not defined in sys/types.h. 
We can use a void * for the fd_set arrays and just add a cast when
using the FD_SET macros.
 2022-06-06 19:42:29 -06:00
Todd C. Miller
51b64780c0 Plug a memory leak. 2022-06-01 15:24:28 -06:00
Todd C. Miller
dcb2fb26a5 Rename SSP_(C|LD)FLAGS -> HARDENING_(C|LD)FLAGS 2022-04-01 11:14:59 -06:00
Todd C. Miller
1f64aca229 Unset LANGUAGE when running tests, otherwise it may override LC_ALL. 
Bug #1025.
 2022-03-14 13:51:03 -06:00
Todd C. Miller
b2a32f95ee getdelim_test: increase longstr to check end pointer after realloc 
This would have caught the recent bug in our getdelim replacement
when run under address-sanitizer or valgrind.
 2022-03-11 09:03:55 -07:00
Todd C. Miller
c48c511e91 Correctly update the end pointer when we expand the buffer. 
From Robert Manner.
 2022-03-11 08:00:38 -07:00
Todd C. Miller
6ff33922f4 sudo_secure_path: pass the struct stat * argument directly to stat(2) 
Set the pointer to a struct stat on the stack if st is NULL.
Avoids a needless memcpy() at the end.
 2022-03-10 20:16:51 -07:00
Todd C. Miller
31ab2e2297 Plug a few test memory leaks now that they return from main(). 2022-03-08 13:34:38 -07:00
Todd C. Miller
c131b27474 For 'make check-verbose' run fuzzers with -verbose=1 
This is the default for libFuzzer but not for the stub fuzzer lib.
 2022-03-03 10:45:56 -07:00
Todd C. Miller
cdee5d48da Add check-verbose Makefile target that runs tests in verbose mode. 2022-03-02 13:32:08 -07:00
Todd C. Miller
43cc80d795 Add -v option parsing to regress tests, currently a no-op. 
This will be used by a "check-verbose" target in the future.
 2022-03-02 11:09:51 -07:00
Todd C. Miller
75a0e51590 Add sudo_closefrom() regression test. 2022-03-01 11:31:19 -07:00
Todd C. Miller
f1a697a8ff Use close_range(2) in closefrom() emulation if available. 
On Linux, prefer our own closefrom() emulation since the glibc
version may fail if /proc is not present and close_range() is not
supported.  On FreeBSD, closefrom(3) will either call the closefrom
or close_range system call, depending on which is available.
 2022-03-01 09:54:23 -07:00
Todd C. Miller
c2bd52edf8 Allow test harness to be run from any directory. 
Also add missing copyright notice.
 2022-02-28 19:39:33 -07:00
Todd C. Miller
a4f847b1d6 Adapt test harness for lib/util and move to regress directory. 2022-02-28 19:23:41 -07:00
Todd C. Miller
a57e979962 Adapt test harness for lib/util and move to regress directory. 2022-02-28 14:15:43 -07:00
Todd C. Miller
41bc52302b Do not disable fuzzer output if SUDO_FUZZ_VERBOSE env variable is set. 2022-02-22 12:04:10 -07:00
Todd C. Miller
33f54c853b Limit regular expressions to 1024 characters each. 
Avoids a problem with the fuzzer creating large regular expressions
that blow up the glibc regcomp().
 2022-02-12 09:33:02 -07:00
Todd C. Miller
7c17f84a35 Add helper function to compile a regex that supports (?i). 2022-02-11 12:01:31 -07:00
Todd C. Miller
1afce22f7f Use PATH_MAX, not NAME_MAX+1 for the directory entry length. 
On some systems, such as Solaris, the max length of a directory
entry is filesystem-dependent.  We could use fpathconf() and
dynamically allocate the name but it is simpler to just use
PATH_MAX here.
 2022-01-12 15:30:39 -07:00
Todd C. Miller
1f098a2029 Use POSIX NAME_MAX, not the obsolete MAXNAMLEN define. 
Fixes compilation with musl libc.
 2022-01-12 10:25:44 -07:00
Todd C. Miller
c53192eb7e sudo_mkdir_parents: make sure the path we created is a directory 
For extra paranoia, verify that the directory we created is still
a directory before we fchown() it.
 2021-12-11 16:27:33 -07:00
Todd C. Miller
c13b21c199 Avoid TOCTOU in sudo_mkdir_parents() using openat(2) and mkdirat(2). 
This also allows us to make path const as it should be.
 2021-12-11 08:35:18 -07:00
Todd C. Miller
aae130eb73 Add build dir to include search path for mksiglist.h and mksigname.h 
Fixes out of tree builds on systems without sys_siglist[] or
sys_signame[].  GitHub issue #123.
 2021-12-02 07:19:43 -07:00
Todd C. Miller
dc5ac7424b Pass correct size to free_zero(). 
Coverity CID 241233
 2021-11-20 09:14:04 -07:00
Todd C. Miller
70c0d35faa Add missing dependencies for timegm. 2021-11-18 13:28:19 -07:00
Todd C. Miller
5faf46de6f Use $(SED), not sed, when generating mksiglist.h/mksigname.h 2021-11-10 13:35:44 -07:00
Todd C. Miller
09b82a22ca Add configure check for sha1sum and use "openssh dgst -sha1" if missing. 
Only needed when building the seed corpus zip files.
 2021-11-10 13:31:42 -07:00
Todd C. Miller
4eebd53bce parse_gentime: use timegm() to generate time since the epoch 
The timegm() function is non-standard but widely available.
Provide an implementation for those systems that lack it.
Bug #1006
 2021-10-31 09:27:34 -06:00
Todd C. Miller
b506497fe4 Fix pasto in gmtime_r and localtime_r macros. 
Also add missing Makefile targets for them.
 2021-10-31 09:01:18 -06:00
Todd C. Miller
cc6157d7d4 Add support for WolfSSL's OpenSSL compatibility layer. 
Based on changes from Hayden Roche
 2021-10-25 13:17:57 -06:00
Todd C. Miller
465bfbba72 regenerate dependencies 2021-10-25 12:32:02 -06:00