isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,956 Commits 1 Branch 0 Tags
c3f138eaa23021cb75fb1632b4311a3e302a124e
Commit Graph

11956 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
c3f138eaa2 Merge pull request #210 from BornThisWay/1121_typo 
Fix some typos
 2022-11-21 07:08:46 -07:00
modric
cbdc4883d1 Fix some typos 2022-11-21 14:50:22 +08:00
Todd C. Miller
6a5546b11f Merge pull request #208 from BornThisWay/1121_return 
intercept_read: Print and then return.
 2022-11-20 19:20:03 -07:00
modric
b1af59aa56 intercept_read: Print and then return. 2022-11-21 09:57:14 +08:00
Todd C. Miller
496ae6e6f0 Merge pull request #205 from BornThisWay/1119_access_null_pointer 
sudo_mmap_strdup_v1: Fix potential NULL pointer deref
 2022-11-20 07:44:46 -07:00
modric
1eabf13577 sudo_mmap_strdup_v1: Fix potential NULL pointer deref 2022-11-20 20:06:55 +08:00
Todd C. Miller
9c694e9a65 copy_vector: plug memory leak in error path 
Only the array was being freed, not the contents.
GitHub issue #202.
 2022-11-18 07:19:47 -07:00
Todd C. Miller
981cc2f8e3 Better matching of macOS version to SDK path. 2022-11-17 14:26:55 -07:00
Todd C. Miller
ad220d72d4 Merge pull request #200 from BornThisWay/fix_mem_leak_converse 
Fix memory leak of pass in converse().
 2022-11-17 08:16:40 -07:00
Todd C. Miller
b3834bbf24 sudo_passwd_cleanup: Set auth->data to NULL after freeing. 
GitHub issue #201
 2022-11-17 08:10:35 -07:00
modric
f5cae905ca Fix memory leak of pass in converse(). 2022-11-17 16:08:59 +08:00
Todd C. Miller
0044893961 Use AC_SYS_YEAR2038 instead of setting _TIME_BITS by hand. 2022-11-16 19:29:22 -07:00
Todd C. Miller
4af5e6293c Update macros from autoconf-archive. 2022-11-16 19:24:42 -07:00
Todd C. Miller
fe8e1f3d38 Fix typo; excerise -> exercise 2022-11-16 19:23:11 -07:00
Todd C. Miller
920d384941 Regenerate with the autoconf 2.72a pre-release. 2022-11-16 10:26:08 -07:00
Todd C. Miller
03559d0770 Replace foo in descriptions with 'foo' 2022-11-16 10:10:20 -07:00
Todd C. Miller
cc0615059f Fix insufficient quoting in AC_CHECK_LIB() calls. 2022-11-16 10:22:28 -07:00
Todd C. Miller
096eacb21c If AUTOCONF_VERSION is unset, use version 2.71 not 2.69. 2022-11-16 10:11:21 -07:00
Todd C. Miller
bef72f76f6 Add -Wvla and -Walloca to --enable-warnings 2022-11-15 11:05:42 -07:00
Todd C. Miller
3ecfa025b8 sudo_debug_group_list: short-circuit if groups is NULL 2022-11-11 11:05:12 -07:00
Todd C. Miller
3cfba230c5 configure: only check for getauxval() if getentropy() is missing. 2022-11-11 11:04:58 -07:00
Todd C. Miller
28dbad3342 Remove checks for random() and lrand48(), they are no longer used. 
Also remove duplicate checks for arc4random() and getentropy().
 2022-11-11 09:37:49 -07:00
Todd C. Miller
3d0fcc0ff2 Skip check for cpp variadic macro support if the compiler supports C99. 2022-11-11 09:09:31 -07:00
Todd C. Miller
6b005e8114 HI-UX/MPP is based on OSF-1, not HP-UX 
Completely untested.
 2022-11-11 08:45:58 -07:00
Todd C. Miller
a142bc1830 Only check for utmps.h on HP-UX. 2022-11-11 08:32:41 -07:00
Todd C. Miller
a3684d7f3b Only check for sys/syscall.h on Linux. 
We only use it in the Linux-specific getentropy() emulation code.
 2022-11-11 08:11:26 -07:00
Todd C. Miller
feba299f22 configure: avoid running unnecessary tests on modern systems. 
Remove AC_SYS_POSIX_TERMIOS, AC_TYPE_MODE_T, AC_TYPE_UID_T.
Add missing checks for int16_t, uint16_t, int32_t, and int64_t.
Only check for intmax_t, uintmax_t and bit-width types if missing
both inttypes.h and stdint.h.
Remove unused clockid_t replacement.
 2022-11-11 07:05:26 -07:00
Todd C. Miller
b8e9fc1b12 Add a regress check for the cvtsudoers filter crash. 
GitHub issue #198.
 2022-11-11 07:05:24 -07:00
Todd C. Miller
264326de57 Fix a potential use-after-free bug with cvtsudoers filtering. 
In role_to_sudoers() when merging a privilege to the previous one
where the runas lists are the same we need to re-use the runas lists
of the last command in the previous privilege, not the first.
Otherwise, the check in free_cmndspec() will not notice the re-used
runas lists.  Reported/analyzed by Sohom Datta.  GitHub issue #198.
 2022-11-10 14:55:56 -07:00
Todd C. Miller
5683fc6f7a The name of the C locale w/ UTF-8 support is not always C.UTF-8. 
Use a pattern to find it (if present) and use that value instead
of hard-coding C.UTF-8.  This works around a leak sanitizer crash
on certain inputs.
 2022-11-11 07:05:21 -07:00
Todd C. Miller
75008a0570 Copy some LDIF test data from the cvtsudoers tests to the seed corpus. 
This includes a test to exercise the fix in PR #196.
 2022-11-10 09:54:59 -07:00
Todd C. Miller
455f250ac5 Set LDAP base for sudoers_parse_ldif(). 
Without this set the fuzzer will not exercise the dn parsing.
 2022-11-10 09:34:44 -07:00
Todd C. Miller
82150340a6 Include linux/elf.h, not elf.h to make sure we get NT_ARM_SYSTEM_CALL. 
The NT_PRSTATUS define is present in both files.
 2022-11-10 08:08:09 -07:00
Todd C. Miller
3e8497b5ce Remove CMSG_* compatibility macros, they are no longer used. 2022-11-09 15:24:28 -07:00
Todd C. Miller
ecb5526fc8 Add missing include of sys/stat.h 2022-11-09 14:48:38 -07:00
Todd C. Miller
8b06bdc121 Move forward declaration of struct stat before its first use. 2022-11-09 14:02:13 -07:00
Todd C. Miller
0b1335f54e Use a consistent base when testing cvtsudoers conversion from ldif. 2022-11-09 13:00:48 -07:00
Todd C. Miller
8b898b2ca2 Test parsing LDIF when a backslash is the last char of the file. 
If run with address sanitizer, this test will crash when the fix
in ceaf706ab74b is reverted.
 2022-11-09 12:58:41 -07:00
Todd C. Miller
685150586d Merge pull request #196 from sohomdatta1/main 
Prevent cvtsudoers from reading into undefined memory
 2022-11-09 11:51:33 -07:00
Sohom
902271f441 [cvtsudoers]: Prevent sudo from reading into undefined memory 2022-11-09 23:46:39 +05:30
Todd C. Miller
9f948224ac sudo_passwd_verify: zero out des_pass before returning. 2022-11-08 13:17:11 -07:00
Todd C. Miller
045d08bec9 Pass sudo's process ID to suspend_sudo_nopty() since we already know it. 
Saves an unnecessary getpid(2) call.
 2022-11-07 14:51:43 -07:00
Todd C. Miller
f87fac3b55 Don't kill the parent process group on suspend if it is not sudo's pid. 
If sudo is not the process group leader we must only send the suspend
signal to sudo itself.  When sudo is run via a shell script, it
usually has the same process group as the shell script interpreter.
We do not want to suspend the script itself when the command run
by sudo is suspended.
 2022-11-07 14:51:43 -07:00
Todd C. Miller
bbe4fbaaae Call terminate_command() with use_pgrp = false when not running in a pty. 
When sudo runs a command in the user's existing terminal the command
is run in the same process group as sudo itself.  The proper way
to terminate it is to use kill(2), not killpg(3)
 2022-11-07 14:51:42 -07:00
Todd C. Miller
36742deec3 Fix handling of signal forwarding when running commands in a script. 
We need to forward signals from a process in the same pgrp if the
pgrp leader is not either sudo or the command itself.
 2022-11-07 14:51:41 -07:00
Todd C. Miller
c7071f6da0 Make test_ptrace compile again after recent changes. 2022-11-07 14:51:39 -07:00
Todd C. Miller
8db1eb0c8b Update the cwd for log_subcmds too. 
Fixes a problem for intercept_method=trace when running a relative
command from a different directory than what sudo ws started from.
GitHub issue #194
 2022-11-07 12:14:15 -07:00
Todd C. Miller
3df1e9a073 sudo 1.9.12p1 2022-11-04 14:19:27 -06:00
Todd C. Miller
7ba3184708 Include time.h for struct timespec used by sudo_iolog.h. 2022-11-03 14:39:33 -06:00
Todd C. Miller
b2c8e1b1b9 Display sudo_mode in hex in debug log. 
This makes it easier to match against the MODE_ defines.
 2022-11-03 12:03:08 -06:00