isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,492 Commits 1 Branch 0 Tags
91b6d71a042ceeb2c5d458d37fa72f0c0bdeb79c
Commit Graph

9492 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
019279a4b8 Fix some mangled text in the license block. 2018-10-26 08:19:41 -06:00
Todd C. Miller
404524c4ef Add regress test for sudo_getgrouplist2(). 
This test assumes all the groups in root's group list can
be resolved by group ID.
 2018-10-26 06:52:46 -06:00
Todd C. Miller
50b581ec3d More changes in 1.8.26 2018-10-25 09:04:52 -06:00
Todd C. Miller
1b035b5426 Add padding option to cvtsudoers. 
Bug #856
 2018-10-25 08:40:25 -06:00
Todd C. Miller
78d35de935 Remove an errant grset++ in the AIX version of sudo_getgrouplist2(). 
Bug #857
 2018-10-25 07:17:31 -06:00
Todd C. Miller
cb588f2337 Pass --sourcetree-root to pvs-studio and don't check sudo_noexec.c. 
Since we don't auto-generate dependencies for sudo_noexec.c we
can't easily check it from outside the source tree.  This
is not a problem as it just contains stub functions.
 2018-10-22 09:12:17 -06:00
Todd C. Miller
56cff772eb Asturian translation for sudo from translationproject.org 2018-10-22 06:21:59 -06:00
Todd C. Miller
3710d5ba07 Add support for CLOCK_MONOTONIC_RAW and CLOCK_UPTIME_RAW, present 
on macOS.
 2018-10-21 15:24:33 -06:00
Todd C. Miller
4c82e18ac1 Add --enable-pvs-studio configure option to create PVS-Studio.cfg. 2018-10-21 08:46:09 -06:00
Todd C. Miller
c5df091123 Add pvs-studio target and associated production rules. 2018-10-21 08:46:05 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
45652e6d71 Simplify range checks. 
No need to check for ERANGE in the cases where we also check
that the value is <= INT_MAX.  Found by PVS-Studio.
 2018-10-20 08:47:12 -06:00
Todd C. Miller
8c94175ba1 Avoid some PVS-Studio false positives. 2018-10-19 13:35:20 -06:00
Todd C. Miller
e9dec0f8d2 Remove some calls to sudo_fatalx(); just propagate the error return. 2018-10-19 13:35:05 -06:00
Todd C. Miller
6a85992b34 No need to check if fd_dst is -1 in sudoedit mode. 
Failure to open the destination sudoedit file is fatal so there's
no need to check that fd_dst != -1 later on.  Found by PVS-Studio.
 2018-10-19 13:33:37 -06:00
Todd C. Miller
6786d53d45 In timestamp_open() no need to free cookie on error, it is NULL. 
Found by PVS-Studio.
 2018-10-19 13:32:24 -06:00
Todd C. Miller
deccfe68f1 Fix a memory leak on malloc() error in sudo_ldap_role_to_priv(). 
Coverity CID 188804
 2018-10-18 15:38:54 -06:00
Todd C. Miller
84ef500061 Move the allocation of role to be immediately before in_role is set. 
This makes it clear that when in_role == true, role is non-NULL.
Also remove two dead stores.
 2018-10-18 14:43:08 -06:00
Todd C. Miller
2ff8f8601b Fix trimming of non-escaped trailing space in ldif_parse_attribute(). 
Found by PVS-Studio.
 2018-10-18 14:29:33 -06:00
Todd C. Miller
c2d93b8c97 Simplify the logic surrounding sudoers_args in command_args_match(). 
We only need to check that sudoers_args is non-NULL once.
Found by PVS-Studio.
 2018-10-18 14:24:55 -06:00
Todd C. Miller
54784a234c If sudo_ldap_get_values_len() fails goto cleanup instead of oom. 
This is not strictly necessary as there's not anything to cleanup
in this case but it is more consistent with the code that follows.
 2018-10-18 14:19:09 -06:00
Todd C. Miller
63afa569f7 Fix handling of timeout values in sudoers. 
When passing the timeout back to the front end, ignore the
user-specified timeout if it is not set (initialized to 0).
Otherwise, sudo would choose a zero user-specified timeout over
the sudoers-specified timeout (non-zero).
 2018-10-18 08:08:44 -06:00
Todd C. Miller
675fc34c3d Fix cut & pastos in cvtsudoers_make_gritem() 2018-10-17 09:54:53 -06:00
Todd C. Miller
60f0d65e22 Fix expected test output now that command_timeout is parsed correctly 
in LDIF.
 2018-10-17 06:57:06 -06:00
Todd C. Miller
939585e906 tv_nsec can never be negative after timespecsub. 
Found by PVS Studio
 2018-10-17 06:21:48 -06:00
Todd C. Miller
25a58ba1ca Avoid potentially undefined behavior. 
Found by PVS Studio.
 2018-10-16 12:50:43 -06:00
Todd C. Miller
e1a402f1d6 sudo_ldap_parse_option() never returns '=' as the operator. 
When parsing command_timeout, role, type, privs and limitprivs,
check that val is non-NULL instead.  Found by PVS Studio.
 2018-10-16 12:49:34 -06:00
Todd C. Miller
a9fd783f20 Fix up #line entries that reference lex.sudoers.c. 2018-10-16 10:31:43 -06:00
Todd C. Miller
387672583e Fix workaround for broken sudo 1.8.7 timing files. 2018-10-13 08:08:16 -06:00
Todd C. Miller
fa7e6f3f04 Fix memory leak when reusing the runas list. We need to free the 
member list itself as well as its contents.
 2018-10-13 07:31:34 -06:00
Todd C. Miller
75d9c6f165 Some DIAGNOSTICS updates: 
Update error message for when the user's uid does not exist in passwd.
Remove "This error indicates" and some other cosmetic cleanups.
 2018-10-13 06:21:52 -06:00
Todd C. Miller
fbf396e336 If the user's passwd entry cannot be resolved via the uid, use the 
same error message as visudo.
 2018-10-13 06:19:03 -06:00
Todd C. Miller
ae7198a247 Add a DIAGNOSTICS section with an explanation of the more non-trivial 
error messages.
 2018-10-12 09:40:37 -06:00
Todd C. Miller
b89cf34b53 Replace sudo_fatal(NULL) with an "unable to allocate memory" message 
that includes the function name.
 2018-10-12 08:39:12 -06:00
Todd C. Miller
9e269e0acd Make EOF handling while reading the password prompt more like getpass(3). 
We now return the password as long as at least one character has
been read.  Previously, EOF at the password prompt was treated as
if nothing was entered.
 2018-10-09 14:20:13 -06:00
Todd C. Miller
7b395aad89 regen 2018-10-09 14:13:28 -06:00
Todd C. Miller
ab2cba0f5d Print a warning for password read issues. 
Issues include: timeout at the password prompt, read error while
reading the password, and EOF reading the password.
 2018-10-09 13:25:52 -06:00
Todd C. Miller
2b56252210 Handle EOF on password input when pwfedback is enabled. 2018-10-08 06:47:53 -06:00
Todd C. Miller
013e0025c9 Fix remaining instances of "e.g." without a trailing ','. 2018-10-07 07:35:36 -06:00
Todd C. Miller
675802b71c Use mdoc macros for BSD systems. 
All manuals now pass "make lint"
 2018-10-07 07:34:22 -06:00
Todd C. Miller
244be23301 Use -Wstyle with -Tlint since sudo is not part of the base system. 
This avoids "referenced manual not found" and "operating system
explicitly specified" warnings.
 2018-10-07 07:26:28 -06:00
Todd C. Miller
5433eb546a Document log_suspend() and fix the description of the change_winsize() return value. 2018-10-07 07:18:29 -06:00
Todd C. Miller
dd6a6e4013 Fix problems found by igor. Bug #854 2018-10-06 06:00:56 -06:00
Todd C. Miller
a814da673f Sort DOCS and DEVDOCS and remove extra sudoers entry (it was listed twice). 2018-10-06 05:55:41 -06:00
Todd C. Miller
ec2cc68c0b Add igor target to run igor(1) on the manuals. 2018-10-06 05:39:20 -06:00
Todd C. Miller
a71eb86a71 Add new -S option to sleep while the command was suspended. 
The default behavior is now to not consider the time the command
was suspended as part of the normal inter-event delay.
 2018-10-05 14:48:35 -06:00
Todd C. Miller
cf07dc0757 Add a suspend event type to the I/O log to log suspend/resume of 
the command so we can skip that delay during replay.
 2018-10-05 14:16:08 -06:00
Todd C. Miller
e2570307e6 Initialize the pty rows/cols based on the values we stored in user_details. 
This fixes a minor issue where we would send an extra window size
change event the first time the command was suspended.
 2018-10-05 14:04:29 -06:00
Todd C. Miller
c0e8bde104 Add support for OpenLDAP's TLS_REQCERT setting in ldap.conf. 2018-09-27 09:58:10 -06:00
Todd C. Miller
2121693879 Move definition of TIME_T_MAX to sudo_util.h 2018-09-24 14:21:58 -06:00