isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,574 Commits 1 Branch 0 Tags
c6987aa26ea12569e65bc7ab18e702b06ab8d715
Commit Graph

60 Commits

Author SHA1 Message Date
Todd C. Miller
b47f1799c5 sudo_conversation_printf: simplify \n -> \r\n handling 2023-07-12 08:39:18 -06:00
Todd C. Miller
a014b0f2aa sudo_conversation: zero out reply even if no password is requested. 
This avoids a potential invalid free in the err label and provides
more predictable behavior when mixing message types in a conversation.
 2023-07-12 08:16:35 -06:00
Todd C. Miller
dbb95ad214 sudo frontend: make more bit flags unsigned. 2023-07-10 11:06:34 -06:00
Rose
5d758264ab Give every printf-like function restrict qualifiers 
The format value has to be a string literal, every time.

Otherwise, you are not using these functions correctly. To reinforce this fact, I putrestrict over every non-contrib example of this I could find.
 2023-07-07 20:23:20 -04:00
Todd C. Miller
32f4b98f6b sudo frontend: silence most -Wconversion warnings. 2023-07-07 15:07:04 -06:00
Rose
e54ba33ea0 Avoid compiler casting warnings by assigning to the same type where possible 
This saves instructions that are related to casting as well as compiler warnings.
 2023-06-28 17:25:26 -04:00
Todd C. Miller
a5b11a58b7 No need to declare tgetpass_flags, it is already in sudo.h. 2023-03-24 19:10:19 -06:00
Todd C. Miller
803998d2bd Only add trailing carriage return to messages if output is a raw tty. 
If output is being written to a terminal in "raw" mode, we need to
add a carriage return after the newline to avoid "stair-step" output.
However, we should not write the carriage return if the terminal
is in "cooked" mode, output to a pipe, or output redirected to a file.
Bug #1042.
 2022-10-20 08:55:26 -06:00
Todd C. Miller
e2692f1095 Write the \r\n pair to ttyfp if possible, falling back on fp. 
This is consistent with the vfprintf() call and fixes a problem
introduced by the last commit where the newline could be written
before the message instead of after.
 2022-03-15 17:33:58 -06:00
Todd C. Miller
210875796d sudo_conversation_printf: convert trailing nl to cr + nl combo. 
This fixes output when the terminal is in raw mode and is consistent
with how sudo_conversation() behaves.
 2022-03-14 20:11:38 -06:00
Todd C. Miller
ce97ca28db Use OpenBSD-compatible freezero() in place of explicit_bzero() + free() 2020-08-10 19:24:33 -06:00
Todd C. Miller
cef6e3687e Switch from memset_s() -> explicit_bzero(). 
memset_s() (and all of Annex K) is likely to be removed from the
a future version of the standard.
 2020-08-10 19:24:32 -06:00
Todd C. Miller
03ad96e445 Use the fallthrough attribute instead of /* FALLTHROUGH */ comments. 2020-08-01 13:10:50 -06:00
Todd C. Miller
446ae3f507 Include string.h unconditionally and only use strings.h for strn?casecmp() 
In the pre-POSIX days BSD had strings.h, not string.h.
Now strings.h is only used for non-ANSI string functions.
 2020-05-18 07:59:24 -06:00
Todd C. Miller
dd88460800 We no longer need to include headers we don't use for sudo*.h files. 
Previously we needed to include headers required by the various
sudo*h files.  Now those files are more self-sufficient and we
should only include headers needed by code in the various .c files.
 2020-05-18 06:47:04 -06:00
Todd C. Miller
9c90f592c2 Sudo's -S option should override the SUDO_CONV_PREFER_TTY flag. 2020-02-27 14:11:16 -07:00
Todd C. Miller
e0a4b2d68a Fix potential fd leak when converting trailing newline to cr + nl. 
Coverity CID 205872
 2019-11-19 18:57:22 -07:00
Todd C. Miller
ad52ce6612 Check for replies pointer being NULL just in case. 2019-11-11 14:10:13 -07:00
Todd C. Miller
6863a848d6 Convert trailing newline to carriage return + newline for tty. 
Does not currently handle embedded newlines.
 2019-11-09 10:13:56 -07:00
Todd C. Miller
972670bfca Use the SUDO_CONV_PREFER_TTY flag during authentication. 
This prevents the password and PAM prompts from being redirected.
Bug #895
 2019-08-26 19:30:11 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
1385613797 Fix fd leak introduced by SUDO_CONV_PREFER_TTY commit. Coverity CID 186605. 2018-06-15 13:31:58 -06:00
Todd C. Miller
6eadaddc99 Add SUDO_CONV_PREFER_TTY flag for conversation function to tell 
sudo to try writing to /dev/tty first.  Can be used in conjunction
with SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG.
 2018-06-13 11:19:33 -06:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
53ebf69af3 fputs() is now specified as returning non-negative on success, not 
explicitly zero.  Fixes a failure on glibc.
 2016-05-25 14:50:05 -06:00
Todd C. Miller
e93b4aa681 Don't try to dereference replies[] if it is a NULL pointer. 2016-05-25 14:48:52 -06:00
Todd C. Miller
009f3e6456 Check fputs() return value. 2016-05-14 19:34:42 -06:00
Todd C. Miller
e91a10ce45 Ignore the SUDO_CONV_PROMPT_ECHO_OK flag when echo is enabled. 
This was preventing a match of SUDO_CONV_PROMPT_ECHO_ON which
resulted in a masked password instead of an echoed one.
 2015-10-06 15:21:41 -06:00
Todd C. Miller
04457ecee9 Set active debug instance to sudo_debug_instance() during the 
conversation function.
 2015-09-28 12:28:18 -06:00
Todd C. Miller
98a15d9879 Add a struct sudo_conv_callback that contains on_suspend and on_resume 
function pointer args plus a closure pointer and at it to the
conversation function.
 2015-09-07 06:06:08 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
c36415417f Add function name to "unable to allocate memory" warnings. 2015-06-19 14:51:17 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
4f9cabd005 Remove obsolete memory.h include. 2015-06-18 21:02:57 -06:00
Todd C. Miller
cb63ca701c Avoid using exiting allocators in the front end. 2015-06-17 17:00:54 -06:00
Todd C. Miller
bd99dcc028 Add sudo_warn_set_conversation() to specify a conversation function 
to use for warn/fatal.  If no conversation function is specified,
the standard error will be used.  We now only need sudo_printf()
for things that use the parser.
 2014-10-05 16:41:52 -06:00
Todd C. Miller
398a16c6af Remove remaining use of SUDO_CONV_DEBUG_MSG. 2014-09-08 16:37:33 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
1f3ea50afd Implement memset_s() and use it instead of zero_bytes(). 
A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length.  This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.
 2013-08-03 08:30:06 -06:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
c2c6616a0c Move _sudo_printf from src/conversation.c to common/sudo_printf.c. 
Add sudo_printf function pointer that is initialized to _sudo_printf()
instead of requiring a sudo_conv function pointer everywhere.  The
plugin will reset sudo_printf to point to the version passed in via
the plugin open function.  Now plugin_error.c can just call sudo_printf
in all cases.  The sudoers binaries no longer need their own version
of sudo_printf.
 2012-11-25 09:34:33 -05:00
Todd C. Miller
2fe41248ac Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno. 
Use this flag when wrapping error() and warning() so the debug
output includes the error string.
 2012-04-04 16:59:31 -04:00
Todd C. Miller
f689afb5ee Fix non-dynamic (no dlopen) sudo build. 2011-11-13 21:24:54 -05:00
Todd C. Miller
65b781a2ef Use SUDO_CONV_DEBUG_MSG in the plugin instead of writing 
directly to the debug file.
 2011-11-13 13:55:19 -05:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
53e3ad11b5 New debug framework for sudo and plugins using /etc/sudo.conf that 
also supports function call tracing.
 2011-10-22 14:00:52 -04:00