isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,830 Commits 1 Branch 0 Tags
a326411903047293c01ee7ff10f80d88eb4fc569
Commit Graph

147 Commits

Author SHA1 Message Date
Todd C. Miller
a326411903 Use $(GREP) and $(EGREP) variables in Makefile.in files. 2022-09-12 16:30:52 -06:00
Todd C. Miller
9c61d7e6e9 Bump the sudo plugin minor version. 
The "update_ticket" entry was added to the settings list and the
"intercept_verify" entry was added to the command_info list.
 2022-08-02 14:28:29 -06:00
Todd C. Miller
f6e4d2765a Add explicit include of unistd.h for getopt(3) and related variables. 2022-07-05 11:35:25 -06:00
Todd C. Miller
e5834bd405 Use #include <config.h> not #include "config.h" for consistency. 
Otherwise, some compilers may do the wrong thing in a build
dir if there is a config.h file in the source dir too.
 2022-06-29 08:47:16 -06:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
f5ac1317c4 Make sudo pass -Wmissing-prototypes 2022-06-27 12:48:03 -06:00
Todd C. Miller
9ac42292d1 Bump plugin minor version and document new intercept-related settings. 
There should have been a minor version bump for sudo 1.9.8 when
intercept was originally implemented.
 2022-05-26 09:19:08 -06:00
Todd C. Miller
930271847a clean_output: prune lines that consisting of '^' characters and whitespace. 
Starting with Python 3.11, backtraces may contain a line with '^'
characters to bring attention to the important part of the line.
Also replace "REJECT" with "0" in backtrace output for Python 3.11.
 2022-04-11 19:05:06 -06:00
Todd C. Miller
dcb2fb26a5 Rename SSP_(C|LD)FLAGS -> HARDENING_(C|LD)FLAGS 2022-04-01 11:14:59 -06:00
Todd C. Miller
1f64aca229 Unset LANGUAGE when running tests, otherwise it may override LC_ALL. 
Bug #1025.
 2022-03-14 13:51:03 -06:00
Todd C. Miller
dfda098ae7 Deinit python subinterpreters in reverse order (last to first). 
This appears to work around a crash on OpenBSD with Python 3.9.10.
 2022-03-06 18:39:12 -07:00
Todd C. Miller
c131b27474 For 'make check-verbose' run fuzzers with -verbose=1 
This is the default for libFuzzer but not for the stub fuzzer lib.
 2022-03-03 10:45:56 -07:00
Todd C. Miller
cdee5d48da Add check-verbose Makefile target that runs tests in verbose mode. 2022-03-02 13:32:08 -07:00
Todd C. Miller
dda14cb57a Less verbose output unless the -v option is used. 
Also display a test summary at the end.
 2022-03-01 16:09:32 -07:00
Todd C. Miller
853e710f4a Only emulate Py_FinalizeEx for Python 3.[0-5]. 2022-01-12 13:07:21 -07:00
Todd C. Miller
def7a51f4d Bump plugin version in test data to 1.18. 2021-11-09 13:59:36 -07:00
Todd C. Miller
4289e9609d Teach mkdep.pl about --tag=disable-static in LTFLAGS. 
If static objs are disabled we need to add explicit dependencies for
.o files.  The OpenBSD libtool doesn't use a pic object file when
linking executables so we need to build the non-pic objects too.
 2021-09-13 09:33:17 -06:00
Todd C. Miller
70aef0eb2d sudo_debug_register: add minfd argument to specify lowest fd number 
Use this in sudo_intercept.so to avoid allocating a low-numbered
fd which the shell reserves for use by scripts.
 2021-08-26 09:57:24 -06:00
Todd C. Miller
657897b8bf Check that the python module we actually loaded is what we intended. 
This is intended to provide a more useful error message if the
user defines a module which conflicts with a system python module.
For example, a module called test.py would conflicts with the system
python test module.
 2021-07-08 15:50:04 -06:00
Todd C. Miller
6cdf49d33d Quiet -Wshadow warnings from gcc. 2021-05-07 15:10:51 -06:00
Todd C. Miller
8a65893435 Add a suppression file for the libpython leaks. 
This is a big hammer but it seems like the best we can do for now.
Allows "make check" to succeed when address sanitizer is used.
 2021-04-26 08:58:00 -06:00
Todd C. Miller
a85c6b41a6 Avoid a potential NULL dereference when mutating args_str. 
Coverit CID 221401
 2021-04-23 19:05:45 -06:00
Todd C. Miller
7c2224584d Regenerate test output with python 3.10a7 
Also adjust debug tests so they pass on older python versions
 2021-04-16 15:24:12 -06:00
Todd C. Miller
d4517e0a1c Move autoconf auxiliary files to the scripts directory. 2021-04-06 14:23:38 -06:00
Todd C. Miller
dfff132122 Add a new "fuzz" target that executes the fuzzers for 8192 runs each. 
To run indefinately, set FUZZ_RUNS=-1, e.g. "make FUZZ_RUNS=-1 fuzz"
 2021-03-18 16:48:19 -06:00
Todd C. Miller
4c182c90f1 Rename "fuzz" makefile target to "check-fuzzer". 
It's purpose is to run the fuzzers are part of a normal "make check"
to avoid bit rot, not to perform a fuzzer run.
The fuzz_logsrvd_conf fuzzer was not wired up to "make check" previously.
 2021-03-18 09:08:16 -06:00
Todd C. Miller
3f11e8d9a6 Quiet a few Solaris Studio compiler warnings. 2021-03-10 08:57:28 -07:00
Todd C. Miller
0cf7c3a951 Set locale for all "make check" targets. 2021-03-08 12:51:48 -07:00
Todd C. Miller
14c71eaa86 Add clean rules to .PHONY target. 2021-02-19 08:54:04 -07:00
Todd C. Miller
9f1e016cde Add install-fuzz Makefile target to install the fuzzers and seed corpus. 
The FUZZ_DESTDIR make variable needs to be set in the environment
or on the command line.
 2021-02-18 19:38:54 -07:00
Todd C. Miller
de2a47f273 Set MALLOC_OPTIONS and MALLOC_CONF for all regress targets. 2021-02-15 13:17:46 -07:00
Todd C. Miller
63a3f62547 Add fuzz Makefile target and run fuzzer corpus in make check. 2021-02-08 04:56:17 -07:00
Todd C. Miller
bca213959b Remove Py_SSIZE2SIZE to quiet cppcheck warnings. 
Tuple size cannot be negative and we already handle the case where
it is zero.
 2021-01-26 11:33:06 -07:00
Todd C. Miller
4603da02af Add a comment to verify_import() to clarify its purpose. 2021-01-06 19:16:26 -07:00
Todd C. Miller
4e11bc0e26 Suppress PVS Studio false positives. 2021-01-06 14:27:09 -07:00
Todd C. Miller
84b3a1dae1 Remove the --force option from the cppcheck args, it causes errors. 2021-01-06 13:01:09 -07:00
Todd C. Miller
8617833385 Minor fixes pointed out by cppcheck. 
Also add compareBoolExpressionWithInt to suppression list.
 2021-01-02 10:43:34 -07:00
Todd C. Miller
bdf5530014 Set pp_ignore_define_body=false in uncrustify config. 
Need to work around a bug that produces closed brace errors,
see https://github.com/uncrustify/uncrustify/issues/2569
 2020-11-23 10:47:47 -07:00
Todd C. Miller
d688f4d34e Back out regex use in python tests, filter the output instead. 
This makes it possible to regenerate the test output again.
Also adds an update_test_data target to the Makefile.
 2020-11-11 19:04:01 -07:00
Todd C. Miller
fe9e65754c Add event_alloc to the audit plugin API. 
The sudoers audit plugin will use this to communicate with sudo_logsrvd.
 2020-11-02 15:28:21 -07:00
Todd C. Miller
79921387a3 regen Makefiles 2020-10-20 19:23:46 -06:00
Todd C. Miller
c4a579cf8a Pass resource limits values to the plugin in user_info[] 
Sudo resets the resource limits early in its execution so
the plugin cannot tell what the original limits were itself.
 2020-08-31 16:37:01 -06:00
Todd C. Miller
84e6e6ccf9 Update copyright year on some files where it was out of date. 2020-08-31 14:09:36 -06:00
Todd C. Miller
a940a2c78e Fix some warnings from pvs-studio 2020-08-12 20:01:39 -06:00
Todd C. Miller
985af422d2 Rename __dso_public -> sudo_dso_public and move to config.h. 2020-08-12 09:57:42 -06:00
Todd C. Miller
38e28dcbf5 Rename python_plugin.exp.in -> python_plugin.exp 
There is nothing dynamic in this file.
 2020-08-03 10:15:28 -06:00
Todd C. Miller
3b4d4ab8dd Add missing python_plugin.exp.in file and remove unneeded __dso_public 
This fixes building the python plugin on systems where the compiler
doesn't support symbol hiding (but wherethe linker does).
 2020-08-03 09:53:12 -06:00
Todd C. Miller
03ad96e445 Use the fallthrough attribute instead of /* FALLTHROUGH */ comments. 2020-08-01 13:10:50 -06:00
Todd C. Miller
3e12b99eed Check asprintf() return value. 2020-06-06 19:13:21 -06:00
Todd C. Miller
f0dc48548c Add support for "accept" audit events sent by the sudo front-end. 
With this change, the sudo front-end will send an "accept" audit
event to the audit plugins after all the I/O logging plugins have
been initialized.  This can be used by an audit plugin that does
not care about the result of the individual policy and approval
plugins and only wants to receive a single "accept" event if all
policy and approval plugins have succeeded.  The plugin_type argument
for events sent by the front-end is SUDO_FRONT_END (0).
 2020-06-02 09:07:44 -06:00