isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,574 Commits 1 Branch 0 Tags
c6987aa26ea12569e65bc7ab18e702b06ab8d715
Commit Graph

102 Commits

Author SHA1 Message Date
Todd C. Miller
46e6955ba6 Eliminate some clang analyzer false positives. 2023-08-21 10:47:32 -06:00
Todd C. Miller
0b03511b85 Log source in JSON logs 
This makes it possible to tell which rule resulted in a match.
 2023-08-08 09:56:19 -06:00
Todd C. Miller
432ac12128 Pass TEST_VERBOSE to all test programs. 2023-07-20 10:13:40 -06:00
Rose
5d758264ab Give every printf-like function restrict qualifiers 
The format value has to be a string literal, every time.

Otherwise, you are not using these functions correctly. To reinforce this fact, I putrestrict over every non-contrib example of this I could find.
 2023-07-07 20:23:20 -04:00
Todd C. Miller
c95423a8f9 libevent: silence -Wconversion warnings. 2023-07-07 15:07:04 -06:00
Todd C. Miller
04c7e910ef Fix up indentation. 2023-07-01 16:03:33 -06:00
Rose
45fdfa18f1 Mark functions not returning as sudo_noreturn 
We also put NOTREACHED where it applies.
 2023-07-01 17:40:16 -04:00
Rose
e54ba33ea0 Avoid compiler casting warnings by assigning to the same type where possible 
This saves instructions that are related to casting as well as compiler warnings.
 2023-06-28 17:25:26 -04:00
Rose
459a49b1fe Prefer size_t over int, as casting can take extra instructions 2023-05-03 15:18:05 -04:00
Todd C. Miller
8c85fefaee Plug memory leaks in store_sudo_test found by LSAN. 2023-04-25 09:28:34 -06:00
Todd C. Miller
3f5e7df3cd Add lib dependencies for fuzzer and test targets. 2023-03-15 13:13:38 -06:00
Todd C. Miller
7683ba1b88 eventlog_free: free peeraddr 2023-03-15 11:38:42 -06:00
Todd C. Miller
1b3991b717 Add tests for JSON and sudo-style log output. 2023-03-13 19:42:54 -06:00
Todd C. Miller
0f46ffa9f1 Add support for parsing all fields of struct eventlog. 2023-03-14 11:24:02 -06:00
Todd C. Miller
918af413f3 Add missing definition of $(SED). 2023-03-13 15:03:58 -06:00
Todd C. Miller
86ab362fd4 Move JSON log parsing from libsudo_iolog.la to libsudo_eventlog.la 
It will be used in the upcoming log output tests.
 2023-03-13 15:02:03 -06:00
Todd C. Miller
12648b4e0a Add missing " ; " separator between environment variables and command. 
This is a regression introduced in sudo 1.9.13.
GitHub issue #254.
 2023-03-13 08:04:32 -06:00
Todd C. Miller
2845ceafb0 Handle "locale -a" returning both C.UTF-8 and C.utf8. 
It is possible to have mutiple matches from the output of "locale
-a".  Just take the first one.  Fixes GitHub issue #241.
 2023-02-15 13:49:04 -07:00
Todd C. Miller
b333d16878 Add eventlog_mail() to send a log message via mail. 
This is used by mail_parse_errors() to send multi-line messages.
Previously, the newlines would be escaped as control characters.
 2023-02-09 11:09:24 -07:00
Todd C. Miller
b6caacfe4e send_mail: pass a single string instead of using varargs 
These days we only ever pass in a const string.
 2023-02-09 11:09:03 -07:00
Todd C. Miller
2d9c0d9034 Add eventlog_store_sudo() and use it in sudoreplay. 
This replaces the custom log formatting used by "sudoreplay -l".
 2023-01-22 15:27:53 -07:00
Todd C. Miller
334daf92b3 Escape control characters in log messages and "sudoreplay -l" output. 
The log message contains user-controlled strings that could include
things like terminal control characters.  Space characters in the
command path are now also escaped.

Command line arguments that contain spaces are surrounded with
single quotes and any literal single quote or backslash characters
are escaped with a backslash.  This makes it possible to distinguish
multiple command line arguments from a single argument that contains
spaces.

Issue found by Matthieu Barjole and Victor Cutillas of Synacktiv
(https://synacktiv.com).
 2023-01-18 08:21:34 -07:00
Todd C. Miller
797cc917a8 Add basic regress for JSON functions. 
Fix a bug in escaped control character handling.
Roll back changes to buffer if sudo_json_add_value() fails.
 2022-12-15 19:49:11 -07:00
Todd C. Miller
3df7b64d80 Fix failure in check targets when there is no UTF-8 C locale. 2022-12-06 16:26:34 -07:00
Todd C. Miller
e707ffe58b Place C23 attributes before keywords in function declarations. 
In practice this means we must use "sudo_noreturn static foo(void)"
instead of "static sudo_noreturn foo(void)".
 2022-12-01 12:54:53 -07:00
Todd C. Miller
5683fc6f7a The name of the C locale w/ UTF-8 support is not always C.UTF-8. 
Use a pattern to find it (if present) and use that value instead
of hard-coding C.UTF-8.  This works around a leak sanitizer crash
on certain inputs.
 2022-11-11 07:05:21 -07:00
Todd C. Miller
57b5ff8e8c Avoid a -Wshadow warning on Solaris 9. 2022-10-07 11:00:17 -06:00
Todd C. Miller
d2a13a8154 Fix typos found by codespell 2.2.1. 2022-09-28 16:39:19 -06:00
Todd C. Miller
304726a215 Move gcc-style __attribute__ macros to config.h.in 
Renamed __malloc -> sudo_malloclike, __printflike -> sudo_printflike,
__printf0like -> sudo_printf0like.
Add sudo_noreturn instead of __attribute__((__noreturn__)).
We do not use stdnoreturn.h since it has been deprecated in C23
in favor of the [[noreturn]] attribute.
 2022-09-07 07:48:31 -06:00
Todd C. Miller
a326411903 Use $(GREP) and $(EGREP) variables in Makefile.in files. 2022-09-12 16:30:52 -06:00
Todd C. Miller
f6e4d2765a Add explicit include of unistd.h for getopt(3) and related variables. 2022-07-05 11:35:25 -06:00
Todd C. Miller
3e21c8da5c Add missing PVS Studio Open Source comments. 
Also avoid checking protobuf-c source and protobuf-c generated files.
 2022-06-29 09:45:04 -06:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
dcb2fb26a5 Rename SSP_(C|LD)FLAGS -> HARDENING_(C|LD)FLAGS 2022-04-01 11:14:59 -06:00
Todd C. Miller
de47380350 Block SIGCHLD when forking the mailer. 
Otherwise, it may be picked up by the signal handler instead of our
waitpid(2) call.
Don't warn if waitpid() returns 0 in a SIGCHLD handler.
 2022-03-14 13:54:12 -06:00
Todd C. Miller
1f64aca229 Unset LANGUAGE when running tests, otherwise it may override LC_ALL. 
Bug #1025.
 2022-03-14 13:51:03 -06:00
Todd C. Miller
eb2803c3e9 For alert messages, the command or runuser may not be set. 
This fixes the logging of parse errors when JSON logging is enabled.
 2022-03-10 13:59:34 -07:00
Todd C. Miller
346dce4358 Remove extra newline in sudo_warnx() calls. 2022-03-06 18:56:28 -07:00
Todd C. Miller
c131b27474 For 'make check-verbose' run fuzzers with -verbose=1 
This is the default for libFuzzer but not for the stub fuzzer lib.
 2022-03-03 10:45:56 -07:00
Todd C. Miller
cdee5d48da Add check-verbose Makefile target that runs tests in verbose mode. 2022-03-02 13:32:08 -07:00
Todd C. Miller
43cc80d795 Add -v option parsing to regress tests, currently a no-op. 
This will be used by a "check-verbose" target in the future.
 2022-03-02 11:09:51 -07:00
Todd C. Miller
330b4e821b For alert messages it is possible for evlog to be NULL. 
Coverity CID 238641
 2022-02-23 20:55:46 -07:00
Todd C. Miller
274468d7d2 do_logfile_sudo: plug memory leak of full_line 
Coverity CID 249329
 2022-02-15 19:53:35 -07:00
Todd C. Miller
803fc56bef eventlog_free: free signal_name too 2021-10-19 13:14:37 -06:00
Todd C. Miller
bddf03fe45 No longer need to pass exit params to eventlog_exit(), use struct eventlog. 
Now that struct eventlog includes the exit parameters we can simplify
how eventlog_exit() is called.
 2021-10-19 08:58:34 -06:00
Todd C. Miller
77c339858d Handle a missing run_time in an ExitMessage. 
It is now possible to pass a NULL run_time to eventlog_exit().
 2021-10-18 15:34:48 -06:00
Todd C. Miller
f73bc6dee3 format_json: fix pasto when setting dumped_core boolean 2021-10-19 08:46:28 -06:00
Todd C. Miller
518bc1b25f Only append argv[] to the log line if argv[0] is not NULL. 
It should not be possible to reach this point with a command defined
but argv[] empty but it doesn't hurt to check.
 2021-09-19 13:56:56 -06:00
Todd C. Miller
49bf0cc84b Use localtime_r() not gmtime_r() when formatting the local time. 
This is consistent with how sudo formatted time stamps prior to
the logging code being split off into libeventlog.
We only need to use gmtime_r() for ISO 8601 time.
 2021-09-17 14:01:29 -06:00
Todd C. Miller
55171df5e5 Check strftime(3) return value in all cases. 
Old versions of strftime(3) didn't guarantee to NUL-terminate the buffer
so we explicitly clear the last byte of the buffer and check it.
 2021-09-17 14:01:28 -06:00