10751 Commits

Author SHA1 Message Date
Todd C. Miller
41eae91206 If sudo_getgrouplist2() returns -1, clamp ngroups based on max_groups.
The ngroups parameter is an out parameter that is filled in with
the actual number of groups, which may be less than the static
number allocated when max_groups is set in sudo.conf.
Fixes a potential out of bounds read found by LLVM libFuzzer.
2021-02-13 11:54:21 -07:00
Todd C. Miller
e89a8133ac Reset sudoers path, owner and mode before parsing plugin arguments.
This is only needed when calling sudoers_policy_deserialize_info()
more than once, which is true for the policy fuzzer.
2021-02-12 21:15:36 -07:00
Todd C. Miller
197d6600fa Cleanup sudoers sources on denial and error too. 2021-02-12 19:52:11 -07:00
Todd C. Miller
520db741b5 Fix sudo_getgrgid reference count bug when gid doesn't exist.
This one was missed when the other user/group lookup functions
were fixed.
2021-02-12 19:27:47 -07:00
Todd C. Miller
df2931588a Fuzz sudoers policy module API.
Includes a test case to reproduce CVE-2021-3156.
2021-02-12 15:36:18 -07:00
Todd C. Miller
ed79627699 Plug memory leak if there are duplicate user_info entries. 2021-02-12 19:04:37 -07:00
Todd C. Miller
eedc72d7b9 Make fuzz targets depend on fuzzer stub library.
We really want a dependency on $(LIB_FUZZING_ENGINE) but that could
be a flag like "-fsanitize=fuzzer" instead of a path.
2021-02-12 15:35:18 -07:00
Todd C. Miller
a9f204aef8 regen 2021-02-12 15:31:26 -07:00
Todd C. Miller
1f97ef92b7 Move audit.c from libparsesudoers to the sudoers module itself.
Now that audit.c contains the audit module it doesn't belong in
libparsesudoers.
2021-02-12 11:13:52 -07:00
Todd C. Miller
942b11149c Do not pass AX_APPEND_FLAG more than a single flag.
GitHub issue #92
2021-02-12 07:16:32 -07:00
Todd C. Miller
53e3dca7a6 Fix up some .la file library dependencies.
libsudo_iolog.la already depends on libsudo_util.la and libsudo_eventlog.la
so we don't need to list those explicitly when libsudo_iolog.la is listed.
2021-02-10 16:47:38 -07:00
Todd C. Miller
0663ffbc3f Use sudo_basename() instead of doing the equivalent manually. 2021-02-10 15:14:08 -07:00
Todd C. Miller
41fa461fe1 Add a GNU-compatible version of basename(3).
Unlike POSIX basename(3), the GNU variant does not modify its argument.
Note that basename of a path ending in "/" returns an empty string.
2021-02-10 14:26:26 -07:00
Todd C. Miller
bbfd430cf9 feof(3) returns non-zero at EOF, not necessarily 1.
On Illumos at least it returns a value other than 1.
2021-02-09 18:25:03 -07:00
Todd C. Miller
cbf73e19bb Portable workaround for getdelim(3) implementations that modify buf on EOF.
We should assume that the contents of buf are undefined when getdelim(3)
returns -1.  We now peek ahead one char and skip the getdelim(3) call if
EOF is detected.  This will preserve the original value of the last line.
2021-02-09 18:23:23 -07:00
Todd C. Miller
cf18011466 Some getdelim(3) implementations write a NUL to the buffer on EOF.
AIX and Illumos appear to have this behavior.  We now preserve the
first character of the buffer on EOF to work around this.
Fixes reporting of syntax errors on the last line of a file.
2021-02-09 09:06:17 -07:00
Todd C. Miller
1412695a4a Fuzz the example sudoers file, not the default one.
The default sudoers uses @includedir which can result in different
output, depending on the permissions of /etc/sudoers.d.
2021-02-09 09:04:05 -07:00
Todd C. Miller
a527c583dc illumos has a broken fmemopen(3), don't use it. 2021-02-09 08:59:11 -07:00
Todd C. Miller
e392646ed4 Add configure check for SSIZE_MAX 2021-02-08 18:38:17 -07:00
Todd C. Miller
91351d57f4 Suppress PVS Studio false positives. 2021-02-08 16:31:03 -07:00
Todd C. Miller
63d043fae2 Silence a clang analyzer false positive. 2021-02-08 16:16:23 -07:00
Todd C. Miller
3d55bca8ac Silence a clang analyzer false positive. 2021-02-08 16:06:08 -07:00
Todd C. Miller
722759d0b9 Fix CID 217123, size check always false on 64-bit systems. 2021-02-08 15:57:19 -07:00
Todd C. Miller
aae168c485 Make open_sudoers() always return NULL like fuzz_sudoers.c 2021-02-08 14:20:40 -07:00
Todd C. Miller
19d8d4a549 Update *.toke.ok now that lexer doesn't call sudoerserror() itself. 2021-02-08 13:46:33 -07:00
Todd C. Miller
04de04f544 The lexer now sets an error string before returning ERROR.
The parser will use that when reporting on an ERROR state.  This
prevents the lexer from reporting errors about tokens that are not
actually consumed by the parser and we don't have to worry about
both the lexer and the parser reporting errors.  It also means we
only get one error per sudoers line.
2021-02-08 13:43:49 -07:00
Todd C. Miller
9325a342b5 Go back to storing the last error file/line in sudoerserrorf().
This is still the best way to avoid displaying more than one error
per line.
2021-02-08 08:00:04 -07:00
Todd C. Miller
a046e3bbb0 Add -fsanitize=fuzzer-no-link to ASAN_LDFLAGS too, not just ASAN_CFLAGS. 2021-02-08 05:27:26 -07:00
Todd C. Miller
63a3f62547 Add fuzz Makefile target and run fuzzer corpus in make check. 2021-02-08 04:56:17 -07:00
Todd C. Miller
30d9497eb6 Add stub library that just feeds files to the fuzzing target.
This will allow the fuzzers to be run as part of "make check".
2021-02-07 15:43:51 -07:00
Todd C. Miller
db4ee0a903 Append to CFLAGS and LDFLAGS instead of overriding them when adding -m64. 2021-02-07 15:38:11 -07:00
Todd C. Miller
a72d743ec8 Fall back to a temp file if fmemopen() is not available. 2021-02-07 13:56:15 -07:00
Todd C. Miller
c19cb388bc Add missing return statement when NO_LEAKS is not defined. 2021-02-07 13:37:21 -07:00
Todd C. Miller
c140b5942c Remove remnants of liblogsrv. 2021-02-07 08:58:41 -07:00
Todd C. Miller
55df5efdce Add --enable-fuzzer-linker and --enable-fuzzer-engine options.
These will allow the fuzzers to be built as part of oss-fuzz.
2021-02-07 05:52:45 -07:00
Todd C. Miller
38f1e55cdc Sync ignore files. 2021-02-06 16:42:07 -07:00
Todd C. Miller
a3dae6f2c9 Fix linking of sudoers fuzzers with static libsudo_util. 2021-02-06 16:25:50 -07:00
Todd C. Miller
6216fb3cca Add --enable-fuzzer option to use when building fuzzers 2021-02-06 13:28:39 -07:00
Todd C. Miller
7a2a211dfc Replace --enable-asan with --enable-sanitizer
It is not possible to set the sanitizer flags at configure time.
2021-02-06 12:42:11 -07:00
Todd C. Miller
4480e26972 Build (but don't run) fuzzers as part of "make check".
Uses a stub to make it possible to link w/o libfuzzer.
The goal is to ensure the fuzzers are always buildable and avoid bit rot.
2021-02-06 08:38:38 -07:00
Todd C. Miller
ecaa9cd08d Add libsudo_eventlog.la as a dependency of libsudo_iolog.la
No longer need to link against libsudo_eventlog.la in sudoers.
2021-02-06 08:36:01 -07:00
Anton Bershanskiy
fecb68617d Fix comment typo in src/copy_file.c 2021-02-06 12:23:31 -07:00
Todd C. Miller
1c02c14c35 Add more test files for fuzzers. 2021-02-05 19:30:00 -07:00
Daniel Milnes
d51c49789e Fix the typo in the mdoc 2021-02-05 16:03:55 -07:00
Daniel Milnes
2b2e5d0c40 Fix a tiny typo in the Sudo manpage 2021-02-05 16:03:55 -07:00
Todd C. Miller
5c2a21350d fuzzer for I/O log timing files 2021-02-04 19:22:15 -07:00
Todd C. Miller
47f08e986f In JSON, name/value pairs must be separated by a comma.
Previously we didn't require the comma to be there.
2021-02-04 18:01:53 -07:00
Todd C. Miller
92cf172eda Detect integer overflow when converting JSON_ARRAY to string vector.
Extremely unlikely to happen but better safe than sorry.
2021-02-04 16:10:35 -07:00
Todd C. Miller
665f8d2e3e Only strip double quotes from an include path if len >= 2.
Found locally using libfuzzer/oss-fuzz.
2021-02-03 16:50:04 -07:00
Todd C. Miller
e675f4c078 Don't allow the sudoers fuzzer to open include files.
If we allow the fuzzer to choose include paths it will include
random files in the file system.  This leads to bug reports that
cannot be reproduced.
2021-02-03 15:20:54 -07:00