isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,716 Commits 1 Branch 0 Tags
dba37768bba9d554d144f8fac37adcd3a7770a2c
Commit Graph

10716 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
dba37768bb Stub out eventlog and iolog configuration setters. 2021-02-24 13:02:14 -07:00
Todd C. Miller
cbd11c44d2 Update Defaults settings after parsing sudoers. 
Also stub out dump_defaults when fuzzing as it is not used.
 2021-02-24 12:29:34 -07:00
Todd C. Miller
33551acd1f Split base64 encode/decode functions into separate source files. 
They are independent functions.
 2021-02-24 12:20:36 -07:00
Todd C. Miller
f35d9c8be1 fuzz_printf and fuzz_conversation can be stubs. 2021-02-24 11:31:43 -07:00
Todd C. Miller
9f5aed70a1 Exercise tilde expansion if used in runcwd or runchroot. 2021-02-23 19:37:19 -07:00
Todd C. Miller
c702957879 Move alias checking code out of visudo.c and into check_aliases.c. 2021-02-23 19:07:12 -07:00
Todd C. Miller
2a0ba4008c Check aliases in fuzz_sudoers if the policy parsed correctly. 2021-02-23 18:48:47 -07:00
Todd C. Miller
5a85543c16 Move alias checking code out of visudo.c and into check_aliases.c. 2021-02-23 18:42:37 -07:00
Todd C. Miller
c71a397368 We don't need to link fuzz_sudoers with file.c. 2021-02-23 16:39:32 -07:00
Todd C. Miller
03e610dab5 Strings in dictionary files need to be quoted. 2021-02-23 12:38:02 -07:00
Todd C. Miller
081e219e23 Add dictionary files for fuzzers where possible. 2021-02-23 11:28:47 -07:00
Todd C. Miller
e0761b9e3b Also free safe_cmnd so it doesn't leak. 2021-02-22 20:18:49 -07:00
Todd C. Miller
322e0b3693 Return NOT_FOUND from the set_cmnd_path() stub since we don't set user_cmnd. 
The purpose of set_cmnd_path() is to reset user_cmnd based on a new
runchroot.  For the stub version we don't modify user_cmnd and so
must not return a status of FOUND.
Fixes oss-fuzz issue #31250 which only affected the fuzzer and not sudo.
 2021-02-22 19:53:08 -07:00
Todd C. Miller
5fc6b8c177 Fix fuzz_sudoers output matching. 2021-02-22 16:43:34 -07:00
Todd C. Miller
4adc11e335 Print "running" and "executed" lines to stderr like libfuzzer does. 2021-02-22 15:43:45 -07:00
Todd C. Miller
39db44b041 Support passing sudo_make_gidlist_item() an array of gids. 
The gids are formatted as strings, not gid_t.
 2021-02-22 12:33:21 -07:00
Todd C. Miller
f92080be62 Prime user/group cached and set the interface list. 
Also match parsed policy against multiple users.
 2021-02-22 10:59:58 -07:00
Todd C. Miller
7463a1989f Add sudo_mkgrent(), to be used to prime the group cache in tests/fuzzers. 2021-02-22 08:00:46 -07:00
Todd C. Miller
df42c0c1d2 Perform matching in fuzz_sudoers for inputs that parse correctly. 
The fuzzer now exercised the normal match code as well as the
pseudo-command (list, validate, etc) match code.
Privileges are also listed for well-formed sudoers file.
 2021-02-21 14:59:29 -07:00
Todd C. Miller
921097cb67 Add back SUDOERS_NAME_MATCH and enable it when fuzzing. 
This avoids the test environment from influencing sudoers matching.
 2021-02-21 13:39:56 -07:00
Todd C. Miller
ecbe95589a Add missing globfree(3) in command_matches_glob() when matching a directory. 2021-02-21 13:35:00 -07:00
Todd C. Miller
387169ac67 Add support on AIX for loading plugins that are .a (not .so) files. 
It is possible to specify the member name in parens after the path,
e.g. sudoers.a(shr.o) for 32-bit or sudoers.a(shr_64.o) for 64-bit.
If no member is specified in the path and dlopen() fails with ENOEXEC,
try again with an explicit member, either shr.o or shr_64.o.
 2021-02-19 11:03:26 -07:00
Todd C. Miller
14c71eaa86 Add clean rules to .PHONY target. 2021-02-19 08:54:04 -07:00
Todd C. Miller
9f1e016cde Add install-fuzz Makefile target to install the fuzzers and seed corpus. 
The FUZZ_DESTDIR make variable needs to be set in the environment
or on the command line.
 2021-02-18 19:38:54 -07:00
Todd C. Miller
5ea2acc4c2 Only display fuzz_policy output if the fuzzer exits with an error. 2021-02-18 15:12:42 -07:00
Todd C. Miller
d02cc9c3ac Call list, validate and invalidate entry points too. 
We need a separate open/close for each one.
 2021-02-18 15:09:26 -07:00
Todd C. Miller
90534b5b27 Add --disable-ssp configure option. 
This allows for disabling -fstack-protector without turning off the
other hardening options.
 2021-02-18 13:58:09 -07:00
Todd C. Miller
a7e2dd15e1 Test the error case by closing the underlying fd. 
Note that we don't use ferror() here since our getdelim() has no
way to set the error flag if there is a memory allocation error.
 2021-02-18 13:15:35 -07:00
Todd C. Miller
db70a70d07 Test the case where getdelim() must reallocate the buffer. 
Reproduces Bug #960.
 2021-02-18 10:42:04 -07:00
Todd C. Miller
e5c1778e7d When logging JSON to syslog, wrap the contents in a "sudo" object. 
This makes it easier for log parsers to identify what is a sudo log entry.
 2021-02-18 08:32:13 -07:00
Todd C. Miller
f76c59fc8f Restore the check for sudoers_policy.close == NULL. 
The fuzzers run as part of "make check" too in which case NO_LEAKS
won't be defined and the close function will be set to NULL.
 2021-02-18 07:58:34 -07:00
Todd C. Miller
e047e99306 Use %td when printing the difference of two pointers. 2021-02-18 07:22:36 -07:00
Todd C. Miller
5813358b2b Don't print a NULL as a string if role/type/privs/limitprivs is not set. 
We can't rely on printf("%s", NULL) not crashing.
 2021-02-18 06:09:08 -07:00
Todd C. Miller
aaf3d5643b Fix compilation error on Solaris introduced with sudo_user_free(). 2021-02-18 05:41:20 -07:00
Todd C. Miller
ac45fba899 Bug #960. 2021-02-17 18:59:19 -07:00
Todd C. Miller
9937d08031 Distinguish between EOF and error using feof(3), not ferror(3). 
Our getdelim(3) emulation won't set the error flag if the error is
due to an allocation failure.  This explains the premature EOF
without error seen in Bug #960.
 2021-02-17 18:57:21 -07:00
Todd C. Miller
75004b7059 Reset end pointer when reallocing the line buffer in getdelim(). 
Fixes excessive memory allocations for long lines.  Bug #960.
 2021-02-17 16:46:02 -07:00
Todd C. Miller
abdef93f72 Remove duplicated MALLOC_OPTIONS and MALLOC_CONF env variables. 2021-02-17 13:06:35 -07:00
Todd C. Miller
dc45ac5bc7 On parse error, display line and column instead of the offending line. 2021-02-17 11:29:08 -07:00
Todd C. Miller
79a18cb419 regen 2021-02-17 09:57:36 -07:00
Todd C. Miller
b736804cf0 Sudo 1.9.6 2021-02-17 09:56:04 -07:00
Todd C. Miller
4a279d5767 Pass I/O log memory allocation errors up to the caller. 2021-02-16 16:55:25 -07:00
Todd C. Miller
a5504148a5 Add admin_flag sudoers option and make --enable-admin-flag take a path. 
It is now possible to disable the Ubuntu admin flag in sudoers
or change its location.
GitHub issue #56
 2021-02-16 13:20:02 -07:00
Todd C. Miller
5ec59cddc2 Fix tilde expansion of paths with no user like ~/foo. 
The '/' separator was missing in the resulting path.
 2021-02-16 13:19:58 -07:00
Todd C. Miller
a18b2a9ddf Limit max_groups in sudo.conf to 1024. 
The max_groups setting should no longer be needed anyway.
 2021-02-16 12:37:23 -07:00
Todd C. Miller
df91e15b82 In sudoers_policy_close() call sudoers_cleanup() instead of sudo_user_free(). 
If we didn't call sudoers_policy_main() due to an early error there
may be more things to clean up.
 2021-02-16 10:37:04 -07:00
Todd C. Miller
ecdf732adc Check for invalid flag combinations from front-end for all cases. 
The checks are now performed in the check_policy, list, validate
and invalidate functions instead of as part of the open function.
We can't perform the checks in open because we don't yet know what
operation is going to be performed.
 2021-02-16 09:33:39 -07:00
Todd C. Miller
ae3a098d2f Always dynamically allocate user_cmnd, it is freed in sudo_user_free(). 
Instead of setting user_cmnd in the policy functions, always set argv.
Calling sudoers_policy_main() with argc of 0 is no longer allowed.
 2021-02-16 09:32:34 -07:00
Todd C. Miller
c09169e812 No need for sudoers_cleanup() in sudoers_policy_invalidate(). 
The sudoers close() function is now called even for "sudo -k".
Also no need to set user_cmnd, it is not used in this code path.
 2021-02-16 08:26:49 -07:00
Todd C. Miller
d235083342 Add simple fuzzer for sudo_logsrvd.conf parser. 2021-02-15 15:52:17 -07:00