isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,386 Commits 1 Branch 0 Tags
9d79a0767ccd0dadfaf7f41565b44b01ed938c24
Commit Graph

59 Commits

Author SHA1 Message Date
Todd C. Miller
803fc56bef eventlog_free: free signal_name too 2021-10-19 13:14:37 -06:00
Todd C. Miller
bddf03fe45 No longer need to pass exit params to eventlog_exit(), use struct eventlog. 
Now that struct eventlog includes the exit parameters we can simplify
how eventlog_exit() is called.
 2021-10-19 08:58:34 -06:00
Todd C. Miller
77c339858d Handle a missing run_time in an ExitMessage. 
It is now possible to pass a NULL run_time to eventlog_exit().
 2021-10-18 15:34:48 -06:00
Todd C. Miller
f73bc6dee3 format_json: fix pasto when setting dumped_core boolean 2021-10-19 08:46:28 -06:00
Todd C. Miller
518bc1b25f Only append argv[] to the log line if argv[0] is not NULL. 
It should not be possible to reach this point with a command defined
but argv[] empty but it doesn't hurt to check.
 2021-09-19 13:56:56 -06:00
Todd C. Miller
49bf0cc84b Use localtime_r() not gmtime_r() when formatting the local time. 
This is consistent with how sudo formatted time stamps prior to
the logging code being split off into libeventlog.
We only need to use gmtime_r() for ISO 8601 time.
 2021-09-17 14:01:29 -06:00
Todd C. Miller
55171df5e5 Check strftime(3) return value in all cases. 
Old versions of strftime(3) didn't guarantee to NUL-terminate the buffer
so we explicitly clear the last byte of the buffer and check it.
 2021-09-17 14:01:28 -06:00
Todd C. Miller
18f1884ddc Use gmtime_r() and localtime_r() instead of gmtime() and localtime(). 2021-09-17 10:55:06 -06:00
Todd C. Miller
5902c0e21c new_logline: limit offset to two significant digits after the decimal 
Now instead of TSID=0001L3@5.168230749 we would log TSID=0001L3@5.16.
 2021-08-14 13:22:48 -06:00
Todd C. Miller
babb498c6e new_logline: handle case where evlog is NULL 2021-08-14 09:24:39 -06:00
Todd C. Miller
0f6a74f180 Cast iolog_offset.tv_sec to long long for %lld printf format. 
Quiets a compiler warning on systems where tv_sec in struct timeval
is not long long.
 2021-08-13 16:19:58 -06:00
Todd C. Miller
4aefd43948 For intercepted commands, log an offset into the current I/O log. 
This can be used with sudoreplay to jump to when a specific command
was executed within a session log.
 2021-08-13 16:00:00 -06:00
Todd C. Miller
d109cd61d9 In new_logline check for NULL args->reason for EVLOG_RAW. 
This can't happen in practice since we never set EVLOG_RAW
without passing in a reason.  Coverity CID 237142 237143
 2021-07-27 12:19:53 -06:00
Todd C. Miller
e00ed390d5 format_json: don't dereference evlog if it is NULL. 
Also silence a PVS Studio false positive.
 2021-07-27 10:45:35 -06:00
Todd C. Miller
c234bab7b2 Remove unused info_cb and info arguments from eventlog_exit() 2021-07-15 11:07:25 -06:00
Todd C. Miller
fa7250ead7 Create a UUID and log it in the JSON version of the event log. 2021-07-15 11:07:25 -06:00
Todd C. Miller
b54a16e174 Add support for logging exit status events. 
For sudo-formatted logs, this is a record with "EXIT=number" and
potentially "SIGNAL=name" after the command.  For JSON-format logs,
a new "exit" record is logged which contains an "exit_value" and
potentially "signal" and "core_dumped".  JSON-format logs now incude
a UUID to associate the "exit" record with the "accept" record.
 2021-07-09 11:08:44 -06:00
Todd C. Miller
dfff132122 Add a new "fuzz" target that executes the fuzzers for 8192 runs each. 
To run indefinately, set FUZZ_RUNS=-1, e.g. "make FUZZ_RUNS=-1 fuzz"
 2021-03-18 16:48:19 -06:00
Todd C. Miller
4c182c90f1 Rename "fuzz" makefile target to "check-fuzzer". 
It's purpose is to run the fuzzers are part of a normal "make check"
to avoid bit rot, not to perform a fuzzer run.
The fuzz_logsrvd_conf fuzzer was not wired up to "make check" previously.
 2021-03-18 09:08:16 -06:00
Todd C. Miller
3f11e8d9a6 Quiet a few Solaris Studio compiler warnings. 2021-03-10 08:57:28 -07:00
Todd C. Miller
d452678787 Log peer address in sudo_logsrvd JSON-format logs. 
The peer that connected to us might not be the same host where the
log entry originated.
 2021-03-02 18:37:35 -07:00
Todd C. Miller
9bbf120bd8 For regess/fuzz set LC_ALL to C.UTF-8 if possible, falling back on C. 
Works around a crash in leak sanitizer when the locale is set to C
and TLS support is enabled.
 2021-03-02 13:40:23 -07:00
Todd C. Miller
bdfc07f330 Add some missing files to the clean target 2021-02-26 14:27:27 -07:00
Todd C. Miller
4128582723 Move eventlog config code into eventlog_conf.c 2021-02-24 14:25:39 -07:00
Todd C. Miller
f399c449ad Move eventlog_free() into its own file. 2021-02-24 13:59:17 -07:00
Todd C. Miller
14c71eaa86 Add clean rules to .PHONY target. 2021-02-19 08:54:04 -07:00
Todd C. Miller
9f1e016cde Add install-fuzz Makefile target to install the fuzzers and seed corpus. 
The FUZZ_DESTDIR make variable needs to be set in the environment
or on the command line.
 2021-02-18 19:38:54 -07:00
Todd C. Miller
e5c1778e7d When logging JSON to syslog, wrap the contents in a "sudo" object. 
This makes it easier for log parsers to identify what is a sudo log entry.
 2021-02-18 08:32:13 -07:00
Todd C. Miller
abdef93f72 Remove duplicated MALLOC_OPTIONS and MALLOC_CONF env variables. 2021-02-17 13:06:35 -07:00
Todd C. Miller
de2a47f273 Set MALLOC_OPTIONS and MALLOC_CONF for all regress targets. 2021-02-15 13:17:46 -07:00
Todd C. Miller
53e3dca7a6 Fix up some .la file library dependencies. 
libsudo_iolog.la already depends on libsudo_util.la and libsudo_eventlog.la
so we don't need to list those explicitly when libsudo_iolog.la is listed.
 2021-02-10 16:47:38 -07:00
Todd C. Miller
0663ffbc3f Use sudo_basename() instead of doing the equivalent manually. 2021-02-10 15:14:08 -07:00
Todd C. Miller
63a3f62547 Add fuzz Makefile target and run fuzzer corpus in make check. 2021-02-08 04:56:17 -07:00
Todd C. Miller
c140b5942c Remove remnants of liblogsrv. 2021-02-07 08:58:41 -07:00
Fabrice Fontaine
c05fe93669 lib/eventlog/Makefile.in: fix static build without closefrom 
Since version 1.9.4 and
bd1ca79cca,
when closefrom is not available, libsudo_eventlog.a depends on
libsudo_util.a. So reflect this dependency in the libtool file to avoid
the following static build failure of logsrvd:

/bin/bash ../libtool --tag=disable-static --mode=link /home/buildroot/autobuild/instance-1/output-1/host/bin/powerpc-linux-gcc -o sudo_logsrvd logsrv_util.o iolog_writer.o logsrvd.o logsrvd_conf.o -static -Wl,--enable-new-dtags -Wl,-z,relro    ../lib/iolog/libsudo_iolog.la ../lib/eventlog/libsudo_eventlog.la ../lib/logsrv/liblogsrv.la
/bin/bash ../libtool --tag=disable-static --mode=link /home/buildroot/autobuild/instance-1/output-1/host/bin/powerpc-linux-gcc -o sudo_sendlog logsrv_util.o sendlog.o -static -Wl,--enable-new-dtags -Wl,-z,relro    ../lib/iolog/libsudo_iolog.la ../lib/eventlog/libsudo_eventlog.la ../lib/logsrv/liblogsrv.la
libtool: link: /home/buildroot/autobuild/instance-1/output-1/host/bin/powerpc-linux-gcc -o sudo_logsrvd logsrv_util.o iolog_writer.o logsrvd.o logsrvd_conf.o -static -Wl,--enable-new-dtags -Wl,-z -Wl,relro  ../lib/iolog/.libs/libsudo_iolog.a /home/buildroot/autobuild/instance-1/output-1/build/sudo-1.9.5p1/lib/util/.libs/libsudo_util.a -lpthread -lz ../lib/eventlog/.libs/libsudo_eventlog.a ../lib/logsrv/.libs/liblogsrv.a
/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/powerpc-buildroot-linux-uclibc/8.3.0/../../../../powerpc-buildroot-linux-uclibc/bin/ld: ../lib/eventlog/.libs/libsudo_eventlog.a(eventlog.o): in function `send_mail.constprop.1':
eventlog.c:(.text+0x149c): undefined reference to `sudo_closefrom'
collect2: error: ld returned 1 exit status

Fixes:
 - http://autobuild.buildroot.org/results/515b45f876fa9de03c9235f86017f4dc10eb3b54

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 2021-01-22 07:00:18 -07:00
Todd C. Miller
4e11bc0e26 Suppress PVS Studio false positives. 2021-01-06 14:27:09 -07:00
Todd C. Miller
84b3a1dae1 Remove the --force option from the cppcheck args, it causes errors. 2021-01-06 13:01:09 -07:00
Todd C. Miller
8617833385 Minor fixes pointed out by cppcheck. 
Also add compareBoolExpressionWithInt to suppression list.
 2021-01-02 10:43:34 -07:00
Todd C. Miller
567e5167d1 Don't assume that just because command is non-NULL, argv is non-NULL. 2020-12-04 13:48:16 -07:00
Todd C. Miller
e22817e3ab Fix build when configured using --without-sendmail 
Bug #947
 2020-11-30 13:18:12 -07:00
Todd C. Miller
9779009fae Add info_msgs to AlertMessage and populate it. 
This lets us log eventlog info along with the alert if it is available.
 2020-11-09 17:15:11 -07:00
Todd C. Miller
0dd4c5797a For logsrvd AlertMessages, evlog will be NULL. 2020-11-06 14:40:54 -07:00
Todd C. Miller
444ca3789e Append errstr to reason for alert and reject events if specified. 
Previously, we logged the error string separately but this is
not consistent with how it is logged in other formats.
 2020-11-06 13:09:21 -07:00
Todd C. Miller
a9cad13b11 Use struct eventlog *evlog, not struct eventlog *details. 2020-11-09 16:52:21 -07:00
Todd C. Miller
1910b1924f Test eventlog_writeln() when word wrap is disabled. 2020-10-28 13:47:40 -06:00
Todd C. Miller
8c43eeb293 For JSON logs, write the most important log elements first. 
This is important for syslog where the record could be truncated.
 2020-10-27 16:28:16 -06:00
Todd C. Miller
6bc729aa36 Support "minimal" JSON which skips all non-essention whitespace. 
This replaces the old "compact" mode which is only used for syslog.
 2020-10-27 13:26:22 -06:00
Todd C. Miller
34c1651514 Check for fdopen(3) failure in send_mail(). 2020-10-26 21:23:36 -06:00
Todd C. Miller
fdae4bdbbb Add support for file log line wrapping in libeventlog. 2020-10-26 16:16:46 -06:00
Todd C. Miller
d899fe5936 Use real setters for the eventlog config. 
This makes it possible to have a base config that the callers can
modify instead of replacing the config wholesale.
 2020-10-26 16:10:42 -06:00