Todd C. Miller
adaba9c0f0
Remove trailing whitespace from test output.
2023-07-20 06:57:19 -06:00
Todd C. Miller
7a10cdc286
_python_plugin_new_interpreter switches to the new interpreter
...
No need to do PyThreadState_Swap in the caller.
2023-07-20 06:58:53 -06:00
Todd C. Miller
cc939297a1
Call PyImport_AppendInittab after pre-initialization.
...
Also remove redundant PyConfig settings.
2023-07-19 09:13:23 -06:00
Todd C. Miller
da60384ad8
Use Py_InitializeFromConfig() not Py_InitializeEx() for Python >= 3.8.
...
Avoids deprecation warnings on Python 3.12.
2023-07-18 20:18:38 -06:00
Todd C. Miller
fa66c16689
sudoers_check_common: MODE_PRESERVE_ENV is not valid with MODE_CHECK.
...
We should only check for MODE_PRESERVE_ENV when running a command.
2023-07-17 10:52:23 -06:00
Todd C. Miller
db704c22ec
runas_userlist_matches: fix matching a Runas_Spec with an empty runas user.
...
We should only match a rule with an empty runas user if a group was
specified on the command line (sudo -g) without a user (no -u option)
or the user specified their own name on the command line.
GitHub issue #290
2023-07-15 08:44:57 -06:00
Todd C. Miller
625653de08
sudo_term_raw: change the isig argument into a flags field
...
There are currently two flags: SUDO_TERM_ISIG (enable terminal signals)
and SUDO_TERM_OFLAG (preserve output flags).
2023-07-14 13:12:51 -06:00
Todd C. Miller
56828f6412
fmt_info_messages: don't include ttyname if it is NULL
...
The NULL check was commented out for testing but should have been
restored. Fixes a potential protocol error message from sudo_logsrvd.
2023-07-11 14:15:46 -06:00
Todd C. Miller
dc1a5d7b40
sudo_krb5_ccname_path: avoid gcc false positive for ccname being NULL
...
The callers all verify that they don't pass a NULL ccname so I'm
not sure how the compiler is getting confused (and why now?).
2023-07-10 15:21:31 -06:00
Todd C. Miller
d1625f9c83
Only allow the user to specify -D or -R for the special "*" value.
...
The sudoers file must now explicitly allow the user to specify a
directory (sudo -D) or chroot (sudo -R) by setting cwd or chroot
to "*". If a specific cwd or chroot value is set in sudoers, the
user may not use the -D or -R options, even if they match the value
in sudoers.
2023-07-10 14:30:40 -06:00
Todd C. Miller
cbcb1d2506
sudoers plugin: make more bit flags unsigned.
2023-07-10 11:06:23 -06:00
Todd C. Miller
9f7128fe83
parse_timeout: move overflow check to the correct location
...
It was not covering all cases in its original location.
Fixes oss-fuzz issue 60454 with fuzz_sudoers.
2023-07-08 10:16:35 -06:00
Rose
5d758264ab
Give every printf-like function restrict qualifiers
...
The format value has to be a string literal, every time.
Otherwise, you are not using these functions correctly. To reinforce this fact, I put restrict over every non-contrib example of this I could find.
2023-07-07 20:23:20 -04:00
Todd C. Miller
548e3e3125
testsudoers: avoid extern definitions where possible
2023-07-07 15:23:54 -06:00
Todd C. Miller
32f4b98f6b
sudo frontend: silence most -Wconversion warnings.
2023-07-07 15:07:04 -06:00
Todd C. Miller
0c85f10c80
python plugin: silence -Wconversion warnings.
2023-07-07 15:07:04 -06:00
Todd C. Miller
a38b714667
sudoers plugin: silence most -Wconversion warnings.
2023-07-07 15:07:04 -06:00
Todd C. Miller
0205f6fc75
sudoers_check_common: remove extraneous return statement.
2023-07-07 14:54:10 -06:00
Todd C. Miller
43e914a5d3
Copy, don't append group ID in fill_group() and fill_runas_group()
...
This only affects the case where a group ID cannot be resolved.
2023-07-05 11:49:07 -06:00
Todd C. Miller
2848dddd87
Rename print_usage() to display_usage()
2023-07-04 19:48:41 -06:00
Todd C. Miller
fd061e4d69
Include testsudoers_pwutil.h for testsudoers_pwutil.c prototypes.
2023-07-04 16:24:48 -06:00
Todd C. Miller
f1d9063477
Fix wrapping of libc getpwnam/getpwuid/getgrnam/getgrgid on NetBSD.
2023-07-04 14:14:07 -06:00
Rose
cbed9daa46
Fixed even more signedness and conversion issues
...
This should be the last of them.
2023-07-03 22:07:35 -04:00
Todd C. Miller
e95bd883d7
Promote length/size/offset in struct connection_buffer to size_t.
2023-07-03 17:02:24 -06:00
Todd C. Miller
56a431f7ea
Make sudo_pow2_roundup() operate on size_t.
2023-07-03 16:51:05 -06:00
Todd C. Miller
b926df1df2
Make the debug subsystem unsigned.
...
It was already unsigned in sudoers but not in the front-end or the
python plugin. Making this consistent resolves a lot of -Wconversion
warnings. Also clean up some other -Wconversion warnings in sudo_debug.c.
2023-07-01 16:14:50 -06:00
Todd C. Miller
04c7e910ef
Fix up indentation.
2023-07-01 16:03:33 -06:00
Rose
45fdfa18f1
Mark functions not returning as sudo_noreturn
...
We also put NOTREACHED where it applies.
2023-07-01 17:40:16 -04:00
Todd C. Miller
97e574091a
Avoid passing debug_return_size_t() a negative number.
2023-07-01 10:39:25 -06:00
Rose
6ea68d208e
Regenerate toke.c using updated flex
...
Use the current version of flex to generate toke.c
2023-07-01 11:47:04 -04:00
Todd C. Miller
5fbf431c42
Fix a few memory leaks in the tests.
2023-06-30 19:08:04 -06:00
Todd C. Miller
ac9b6c94d9
Add test for runas_check_shell and check_user_shell()
2023-06-30 10:43:39 -06:00
Todd C. Miller
bdc8a7f35e
testsudoers: add -D and -R options to set cwd and chroot like sudo
2023-06-30 10:43:37 -06:00
Todd C. Miller
01ad570e24
Move check_user_* functions to check_util.c so testsudoers can use them.
2023-06-30 10:43:18 -06:00
Todd C. Miller
689efe3cdd
testsudoers: make lbuf private to dump_sudoers()
...
It is no longer used directly in main.
2023-06-29 20:17:22 -06:00
Todd C. Miller
260c2fb835
testsudoers: display "Parse error" if there was a parse error.
...
Previously, we just printed "Command unmatched" which makes it
harder to see that an error occurred.
2023-06-29 20:10:15 -06:00
Todd C. Miller
6a21aec0a6
testsudoers: use allowed/denied/unmatched instead of just matched/unmatched
...
This makes it possible to tell whether an entry was rejected due
to a negative match (explicitly denied) as opposed to a non-match.
Also fixes a bug where the runas status was only printed for positive
matches.
2023-06-29 20:02:32 -06:00
Todd C. Miller
fd25bfc892
testsudoers: use sudoers_lookup() instead of a custom loop.
2023-06-29 17:31:55 -06:00
Todd C. Miller
e025cca440
Add callbacks to sudoers_lookup() so we can use it in testsudoers.
...
Also pass in the time to be used for NOTBEFORE/NOTAFTER checks.
2023-06-29 17:30:39 -06:00
Todd C. Miller
41b82006de
Merge pull request #278 from AtariDreams/types
...
Avoid compiler casting warnings Part 2
2023-06-29 12:26:07 -06:00
Todd C. Miller
1c7a20d744
check_user_runcwd: only allow sudo's -D option if sudoers specifies a runcwd.
...
Previously, the user could specify the runas user's home dir for
"sudo -i" or the user's existing cwd when -i is not specified.
This behavior was never documented and is inconsistent with how
the -R option is handled.
2023-06-29 11:24:04 -06:00
Todd C. Miller
2c1a473ddc
testsudoers: add support for NOTBEFORE and NOTAFTER
...
Also adds -T option to set the value of "now".
2023-06-29 11:13:01 -06:00
Rose
22079c3072
Avoid compiler casting warnings Part 2
...
This saves instructions that are related to casting as well as compiler warnings.
2023-06-29 13:10:27 -04:00
Todd C. Miller
f2a274b061
Rename parse.c -> lookup.c now that it only contains sudoers_lookup.
2023-06-29 10:52:44 -06:00
Todd C. Miller
8b640329d3
Split display_privs() and display_cmnd() out of parse.c into display.c
2023-06-29 10:31:09 -06:00
Rose
e54ba33ea0
Avoid compiler casting warnings by assigning to the same type where possible
...
This saves instructions that are related to casting as well as compiler warnings.
2023-06-28 17:25:26 -04:00
Todd C. Miller
e7d4c05ace
check_user_runcwd: allow -D option if it matches the cwd in sudoers
...
Previously, check_user_runcwd() would return true if the runcwd
matched the user's cwd, even if sudoers specified a different one.
The user-specified runcwd was ignored but it is better to error out
in this case. It is now also possible to use "sudo -D" with the
directory specified in sudoers.
2023-06-28 09:59:33 -06:00
Rose
0bb41ed82a
Set command_info to NULL once it is freed
...
The lack of setting to NULL is a holdover from when command_info was a local variable and not a global one. However, given how other global variables are set to NULL, it is best that we do the same here to avoid potential issues should sudoers_policy_store_result be called again after the first time failed, otherwise we could get a double-free.
2023-06-26 15:08:51 -04:00
binlingyu
f8a45e8a54
Modify the is_script function for match_command.c
2023-06-25 11:15:17 +08:00
Todd C. Miller
3bdd2214ad
Merge pull request #266 from AtariDreams/c99
...
Do variable length arrays the C99 way
2023-06-20 13:29:30 -06:00