isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,574 Commits 1 Branch 0 Tags
c6987aa26ea12569e65bc7ab18e702b06ab8d715
Commit Graph

1652 Commits

Author SHA1 Message Date
Todd C. Miller
c0a12d9d95 Be sure to include sudo_queue.h where needed instead of relying on other headers. 2019-02-19 08:31:08 -07:00
Todd C. Miller
3788c65483 Fix memory leak when there are no network interfaces or an error occurs. 2019-02-02 13:55:30 -07:00
Todd C. Miller
985600e7f0 Minor snprintf() usage tweaks: 
1) don't assume snprintf() returns -1 on error, check for <0
2) when comparing return value of sizeof(foo), cast the sizeof, not the len
3) cast return value to void in cases where snprintf cannot fail
 2019-01-20 07:49:48 -07:00
Todd C. Miller
64d08d8bf2 Update copyright year 2019-01-03 11:09:00 -07:00
Todd C. Miller
b2f7983c84 Fix setting of utmp entry when running command in a pty. 
Regression introduced in sudo 1.8.22.
 2019-01-02 07:39:33 -07:00
Todd C. Miller
e91e5ee820 Don't run the command in a pty if no I/O plugins are logging anything. 
That way an I/O plugin that doesn't actually log anything won't cause
the command to be run in a pty.
 2018-12-05 10:43:14 -07:00
Todd C. Miller
ecd9688818 Add support for utmps as found in HP-UX. 2018-11-18 07:45:43 -07:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
019279a4b8 Fix some mangled text in the license block. 2018-10-26 08:19:41 -06:00
Todd C. Miller
cb588f2337 Pass --sourcetree-root to pvs-studio and don't check sudo_noexec.c. 
Since we don't auto-generate dependencies for sudo_noexec.c we
can't easily check it from outside the source tree.  This
is not a problem as it just contains stub functions.
 2018-10-22 09:12:17 -06:00
Todd C. Miller
c5df091123 Add pvs-studio target and associated production rules. 2018-10-21 08:46:05 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
8c94175ba1 Avoid some PVS-Studio false positives. 2018-10-19 13:35:20 -06:00
Todd C. Miller
e9dec0f8d2 Remove some calls to sudo_fatalx(); just propagate the error return. 2018-10-19 13:35:05 -06:00
Todd C. Miller
6a85992b34 No need to check if fd_dst is -1 in sudoedit mode. 
Failure to open the destination sudoedit file is fatal so there's
no need to check that fd_dst != -1 later on.  Found by PVS-Studio.
 2018-10-19 13:33:37 -06:00
Todd C. Miller
fbf396e336 If the user's passwd entry cannot be resolved via the uid, use the 
same error message as visudo.
 2018-10-13 06:19:03 -06:00
Todd C. Miller
b89cf34b53 Replace sudo_fatal(NULL) with an "unable to allocate memory" message 
that includes the function name.
 2018-10-12 08:39:12 -06:00
Todd C. Miller
9e269e0acd Make EOF handling while reading the password prompt more like getpass(3). 
We now return the password as long as at least one character has
been read.  Previously, EOF at the password prompt was treated as
if nothing was entered.
 2018-10-09 14:20:13 -06:00
Todd C. Miller
ab2cba0f5d Print a warning for password read issues. 
Issues include: timeout at the password prompt, read error while
reading the password, and EOF reading the password.
 2018-10-09 13:25:52 -06:00
Todd C. Miller
2b56252210 Handle EOF on password input when pwfedback is enabled. 2018-10-08 06:47:53 -06:00
Todd C. Miller
cf07dc0757 Add a suspend event type to the I/O log to log suspend/resume of 
the command so we can skip that delay during replay.
 2018-10-05 14:16:08 -06:00
Todd C. Miller
e2570307e6 Initialize the pty rows/cols based on the values we stored in user_details. 
This fixes a minor issue where we would send an extra window size
change event the first time the command was suspended.
 2018-10-05 14:04:29 -06:00
Todd C. Miller
9abcd61607 Remove unused system_maxgroups argument from fill_group_list(). 2018-09-22 12:56:11 -06:00
Todd C. Miller
59e5e379be Move the loop to free the monitor_messages list into free_exec_closure_pty() 2018-08-23 11:10:57 -06:00
Todd C. Miller
fe58062547 Cast uid/gid to unsigned int before printing. 2018-08-22 12:58:24 -06:00
Todd C. Miller
aaefdd7575 Include stddef.h for offsetof() definition. 2018-08-22 10:27:33 -06:00
Todd C. Miller
5cca421867 Close the pty slave in the parent so that when the command and 
monitor exit, the pty gets recycled without our having to close
it directly.
 2018-08-20 10:04:15 -06:00
Todd C. Miller
6953e7fc79 Move updating of the window size to the monitor process. 
This will allow us to close the slave in the main sudo process in
the future so only the command and monitor have it open.
 2018-08-20 10:04:14 -06:00
Todd C. Miller
69541be94a Handle the case where O_PATH or O_SEARCH is defined but O_DIRECTORY 
is not.  In theory, O_DIRECTORY is redundant when O_SEARCH is
specified but it is legal for O_EXEC and O_SEARCH to have the same
value.  Bug #844
 2018-08-18 07:06:54 -06:00
Todd C. Miller
7d014dfacd Avoid a compilation problem on HP-UX 11.31 with gcc and machine/sys/getppdp.h 2018-08-17 13:25:46 -06:00
Todd C. Miller
dc1e0e7168 Work around a bug on AIX where closing the pty slave causes the 
main sudo process to lose its controlling tty (which was *not* the
pty slave).
 2018-07-23 11:37:26 -06:00
Todd C. Miller
5d31be96a7 Add missing aix_restoreauthdb() call to match the aix_setauthdb() 
added in b8a011be9af7.  Fixes issues on AIX where local users/groups
may not be resolved when some NIS/AD/LDAP is used for users.
 2018-07-23 10:36:08 -06:00
Todd C. Miller
c57ca74405 Use new sudo_getgrouplist2() function instead of getgrouplist(). 2018-06-15 14:05:14 -06:00
Todd C. Miller
1385613797 Fix fd leak introduced by SUDO_CONV_PREFER_TTY commit. Coverity CID 186605. 2018-06-15 13:31:58 -06:00
Todd C. Miller
6eadaddc99 Add SUDO_CONV_PREFER_TTY flag for conversation function to tell 
sudo to try writing to /dev/tty first.  Can be used in conjunction
with SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG.
 2018-06-13 11:19:33 -06:00
Todd C. Miller
8b63ec654a FreeBSD wordexp() returns WRDE_SYNTAX if it can't write to the shell 
process.  Since we've prevented execve() from succeeding this is
the error we get back from wordexp() on FreeBSD.
 2018-06-05 15:37:16 -06:00
Todd C. Miller
cf9c0102d4 Only set MODE_PRESERVE_ENV when preserving the entire environment. 
Fixes a problem introduced in 1.8.23 where "sudo -i" could not be
used in conjunction with --preserve-env=VARIABLE.  Bug #835
 2018-05-16 09:10:43 -06:00
Todd C. Miller
8eccfbd7bd Fix a memory leak on the error path. 2018-04-18 10:09:22 -06:00
Todd C. Miller
18e06825fb Plug memory leak when an I/O plugin is specified in sudo.conf 
but the I/O plugin is not configured.
 2018-04-17 13:41:44 -06:00
Todd C. Miller
5ae557e308 Check sudoedit temporary directory for writability before using it. 2018-04-04 21:05:59 -06:00
Todd C. Miller
a42cf67acb In pty_close() we still need to check whether the pty master and 
slave fds are open before closing them.  When no tty is present but
we are I/O logging pty_close() will be called when there is no
actual pty in use.
 2018-03-27 16:00:08 -06:00
Todd C. Miller
2336496347 In pty_close() there is no need to remove events associated with 
the pty slave as there are none.  We also don't need to check for
the pty fds being -1 since they are not closed elsewhere and
pty_close() is only called if pty_setup() succeeds.
 2018-03-26 06:28:23 -06:00
Todd C. Miller
4df454310d In pty_close() close the slave and remove any events associated 
with it.  Fixes a potential hang when performing the final flush
on non-BSD systems.
 2018-03-25 06:03:19 -06:00
Todd C. Miller
b06e046835 Add aix_setauthdb() before the initial getpwuid() call. 2018-03-17 07:49:08 -06:00
Todd C. Miller
217e0a9b4b Less confusing sysctl checks for kinfo_proc. 2018-03-05 17:35:02 -07:00
Todd C. Miller
4b29e0bd70 Restore line to set MODE_PRESERVE_ENV in flags when the -E command 
line option is used.  The caller doesn't check MODE_PRESERVE_ENV
these days but parse_args uses it to detect usage errors when -E
is used along with a mutually excusive option.  Problem found by
Yuriy Vostrikov.
 2018-02-28 07:05:36 -07:00
Todd C. Miller
faa5baac9b Use setpassent() and setgroupent() on systems that support it to 
keep the passwd and group database open.  Sudo does a lot of passwd
and group lookups so it can be beneficial to just leave the file
open.
 2018-02-20 13:22:59 -07:00
Todd C. Miller
d5d170252a In pty_cleanup() we need to call sudo_term_restore() even if no I/O 
plugins are present as long as /dev/tty exists.  Fixes the use_pty
case with no I/O plugins.
 2018-02-19 11:00:12 -07:00
Todd C. Miller
42fe0409f6 Add sudo_ev_dispatch(), a wrapper for ev_loop() with no flags. 
Similar the dispatch function in libevent.
 2018-02-19 11:00:10 -07:00
Todd C. Miller
a885b952fb Remove use of AC_HEADER_TIME, only obsolete platforms actually 
need this.  Also stop removing sys/time.h unless the source file
uses struct timeval.
 2018-01-17 09:52:15 -07:00