isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,785 Commits 1 Branch 0 Tags
e4057faca239b7ed9e2402da548b6965b284445b
Commit Graph

54 Commits

Author SHA1 Message Date
Todd C. Miller
e4057faca2 Properly handle sysconf(_SC_LOGIN_NAME_MAX) returning -1 on failure. 
The cast to size_t needs to be outside the MAX() macro or the -1
will get cast to unsigned.
 2023-12-28 09:00:49 -07:00
Todd C. Miller
e343e07543 Use #include <foo.h> instead of #include "foo.h" in most cases. 
We rely on the include path to find many of these headers.  It
especially doesn't make sense to use #include "foo.h" for headers
in the top-level include directory.
 2023-09-25 10:13:28 -06:00
Todd C. Miller
034b2f3bdd Add testsudoers_setshellfile() and use it in testsudoers. 2023-09-10 16:38:53 -06:00
Todd C. Miller
2fdb4db339 Wrap valid_shell and add to sudo_pwutil_set_backend(). 
This will make it possible to support a different getusershell()
implementation for testsudoers in the future.
 2023-09-09 14:48:25 -06:00
Todd C. Miller
d18ee8e0e7 Move check_user_shell() to pwutil.c as user_shell_valid() 
This will make it possible to support a different backend which may
be used by testsudoers in the future.
 2023-09-09 14:07:28 -06:00
Todd C. Miller
2440174954 Make struct sudoers_context private to sudoers.c. 
We now pass a pointer to the context where necessary.  There are a
few cases where we need to request the context from sudoers via
sudoers_get_context() for the plugin API functions.  If the plugin
API was able to pass around a closure pointer this would not be
necessary.
 2023-08-21 09:21:49 -06:00
Todd C. Miller
2d2529a15e Add a sudoers_context struct that embeds the user and runas structs. 2023-08-20 16:27:08 -06:00
Todd C. Miller
cb01b90a5c We still need to clamp ngids if getgrouplist2() returns -1. 
Otherwise, we end up with ngids set to the number of gids the user
belongs to which may be larger than what the front-end specified.
Fixes a regression introduced in the last commit here.
 2023-08-15 08:52:02 -06:00
Todd C. Miller
20baa39007 Move max_groups out of sudoers_user_context and into pwutil.c. 
It is only used by the local password pwutil implementation.
 2023-08-14 16:29:15 -06:00
Todd C. Miller
d8b28dad97 Expand the user_* (and more) macros to user_ctx.foo. 2023-08-12 10:39:59 -06:00
Todd C. Miller
bd8cccb5dd Rename struct sudo_user -> struct sudo_user_context. 
Also rename the sudo_user global to user_ctx.
 2023-08-12 10:39:47 -06:00
Todd C. Miller
a38b714667 sudoers plugin: silence most -Wconversion warnings. 2023-07-07 15:07:04 -06:00
Todd C. Miller
f1d9063477 Fix wrapping of libc getpwnam/getpwuid/getgrnam/getgrgid on NetBSD. 2023-07-04 14:14:07 -06:00
Todd C. Miller
83defd3a6f Fix CodeQL "Multiplication result converted to larger type" warnings. 2021-12-10 13:33:07 -07:00
Todd C. Miller
39db44b041 Support passing sudo_make_gidlist_item() an array of gids. 
The gids are formatted as strings, not gid_t.
 2021-02-22 12:33:21 -07:00
Todd C. Miller
41eae91206 If sudo_getgrouplist2() returns -1, clamp ngroups based on max_groups. 
The ngroups parameter is an out parameter that is filled in with
the actual number of groups, which may be less than the static
number allocated when max_groups is set in sudo.conf.
Fixes a potential out of bounds read found by LLVM libFuzzer.
 2021-02-13 11:54:21 -07:00
Todd C. Miller
fa5d44b8b5 Quiet some clang 10 analyzer warnings. 2020-08-07 14:22:56 -06:00
Todd C. Miller
446ae3f507 Include string.h unconditionally and only use strings.h for strn?casecmp() 
In the pre-POSIX days BSD had strings.h, not string.h.
Now strings.h is only used for non-ANSI string functions.
 2020-05-18 07:59:24 -06:00
Todd C. Miller
dd88460800 We no longer need to include headers we don't use for sudo*.h files. 
Previously we needed to include headers required by the various
sudo*h files.  Now those files are more self-sufficient and we
should only include headers needed by code in the various .c files.
 2020-05-18 06:47:04 -06:00
Todd C. Miller
486ee2b71f debug_decl and debug_decl_vars now require a semicolon at the end. 2019-12-22 08:48:16 -07:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
c92f80b79e In sudo_make_grlist_item() the calculation of total did not include 
space for pointers to the group names.
 2019-02-05 16:46:30 -07:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
aaefdd7575 Include stddef.h for offsetof() definition. 2018-08-22 10:27:33 -06:00
Todd C. Miller
c57ca74405 Use new sudo_getgrouplist2() function instead of getgrouplist(). 2018-06-15 14:05:14 -06:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
250209d7a8 When running a command as the invoking user we cannot use the gid 
list from the front-end since it may not correspond to the user's
aux group vector as defined by the group database.
 2017-11-28 09:48:43 -07:00
Todd C. Miller
ae76e1a229 Use getgrouplist_2() on macOS if available. 2016-12-13 10:39:32 -07:00
Todd C. Miller
985ab1dd3e Cache the user's group IDs and group names separately and only 
resolve group IDs -> names when needed.  If the sudoers file doesn't
contain groups we will no longer try to resolve all the user's group
IDs to names, which can be expensive on some systems.
 2016-08-13 16:27:44 -06:00
Todd C. Miller
6cbba7d665 Add an administrative domain to the passwd/group cache key for 
AIX which can have different name <-> ID mappings depending
on whether the database is local, LDAP, etc.
 2016-02-01 11:08:58 -07:00
Todd C. Miller
d4211081c0 Add some debugging printfs when malloc fails and we don't have an 
explicit call to sudo_warnx().
 2015-07-14 15:28:01 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
4f9cabd005 Remove obsolete memory.h include. 2015-06-18 21:02:57 -06:00
Todd C. Miller
6b7be032af Use non-existing allocators in the passwd/group cache functions. 2015-05-27 10:26:49 -06:00
Todd C. Miller
96eddddc12 Almost no systems actually define OPEN_MAX since it is dynamic on 
modern OSes.  If sysconf(_SC_OPEN_MAX) ever fails, fall back on
_POSIX_OPEN_MAX instead.  We can assume modern systems have sysconf().
Also remove checks for strrchr() and strtoll() for which the HAVE_*
defines are no longer used.
 2015-02-19 09:59:25 -07:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
e9914a91b1 The sudoers plugin now defines its own list of debugging subsystem names 
and defines.
 2014-10-22 13:30:52 -06:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
134b2a4228 Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray(). 2014-04-22 16:02:28 -06:00
Todd C. Miller
2508da6f68 Better match debugging. 
Sprinkle const in match functions.
 2013-12-05 14:34:56 -07:00
Todd C. Miller
07a804caf3 Quiet sign comparision warnings. 2013-10-23 15:03:31 -06:00
Todd C. Miller
9b2fb418ca Don't allow max_groups to be set to zero, it just complicates things 
needlessly.  Fixes an assertion in visudo when there is a group-based
Defaults entry.
 2013-08-12 09:14:38 -06:00
Todd C. Miller
6e50087010 Add sudo_set_grlist(), currently unused by the back end. 2013-03-26 13:27:51 -04:00
Todd C. Miller
593832152f Make sure groupname_len is at least 32 just to be on the safe side. 
It is better to allocate a little extra and not need it than to
have to reallocate and start over.
 2013-03-05 14:06:51 -05:00
Todd C. Miller
791b751425 Use sysconf(_SC_LOGIN_NAME_MAX) to find max username length instead 
of poking around in struct utmpx.
 2013-02-15 10:20:21 -05:00