isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,767 Commits 1 Branch 0 Tags
e4f08157b6693b956fe9c7c987bc3eeac1abb2cc
Commit Graph

66 Commits

Author SHA1 Message Date
Todd C. Miller
3421c8b6ce Fix potential NULL pointer deference found by clang-analyzer. 2022-07-26 11:44:12 -06:00
Todd C. Miller
e5652fc65a Linux execve(2) allows argv or envp to be NULL. 
Add checks to make sure we don't deference a NULL pointer.
 2022-07-14 09:29:40 -06:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
55171df5e5 Check strftime(3) return value in all cases. 
Old versions of strftime(3) didn't guarantee to NUL-terminate the buffer
so we explicitly clear the last byte of the buffer and check it.
 2021-09-17 14:01:28 -06:00
Todd C. Miller
18f1884ddc Use gmtime_r() and localtime_r() instead of gmtime() and localtime(). 2021-09-17 10:55:06 -06:00
Todd C. Miller
46d71c4360 Store milliseconds in the debug file timestamp. 
Sometime second granularity is not enough.
 2021-09-17 10:55:06 -06:00
Todd C. Miller
dcab17900b Add sudo_debug_register_v2() stub for fuzzing build. 2021-08-26 10:43:15 -06:00
Todd C. Miller
70aef0eb2d sudo_debug_register: add minfd argument to specify lowest fd number 
Use this in sudo_intercept.so to avoid allocating a low-numbered
fd which the shell reserves for use by scripts.
 2021-08-26 09:57:24 -06:00
Todd C. Miller
79dbf9f17e Disable debug code for FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION 
It will not be used and just confuses the coverage stats.
 2021-02-28 19:52:03 -07:00
Todd C. Miller
4e11bc0e26 Suppress PVS Studio false positives. 2021-01-06 14:27:09 -07:00
Todd C. Miller
71339c574f Check the return value of fcntl() when setting FD_CLOEXEC. 
This should never fail unless the fd is invalid.
Problem reported by Matthias Gerstner of SUSE.
 2021-01-06 10:16:00 -07:00
Todd C. Miller
deb217adf9 On SIGHUP, deregister the old debug instance before registering a new one. 
Otherwise, if debugging is enabled we will get an extra log instance
each time sudo_logsrvd reeives SIGHUP which results in duplicate
lines in the debug log.
 2020-11-10 19:36:55 -07:00
Todd C. Miller
961a4afe67 Fix some warnings from pvs-studio 2020-08-12 13:45:09 -06:00
Todd C. Miller
8ef5c4cf9d Set DEFAULT_TEXT_DOMAIN in lib/util's Makefile not individual .c files. 
We no longer need to include sudo_gettext.h before sudo_compat.h
 2020-05-18 11:19:58 -06:00
Todd C. Miller
446ae3f507 Include string.h unconditionally and only use strings.h for strn?casecmp() 
In the pre-POSIX days BSD had strings.h, not string.h.
Now strings.h is only used for non-ANSI string functions.
 2020-05-18 07:59:24 -06:00
Todd C. Miller
dd88460800 We no longer need to include headers we don't use for sudo*.h files. 
Previously we needed to include headers required by the various
sudo*h files.  Now those files are more self-sufficient and we
should only include headers needed by code in the various .c files.
 2020-05-18 06:47:04 -06:00
Todd C. Miller
0e4c3c47d1 Move duplicated code to parse plugin debug flags to libsudo_util. 
There's no need for four copies of sudo_debug_parse_flags().
 2020-02-11 15:15:36 -07:00
Robert Manner
6710048c8d lib/util/sudo_debug.c: add a function for querying if debugging is needed 
for a level.
Rationale: this way we can avoid computing details for the log which will
not happen at all if the computation is slow.
 2019-12-14 12:55:42 -07:00
Todd C. Miller
3ab29e29bb Add reference counting to debug register/deregister. 
Fixes a potential problem when an instance is re-registered.
 2019-12-03 20:03:19 -07:00
Todd C. Miller
73dd3849c6 Better error message when debug log file cannot be opened. 2019-09-21 07:47:24 -06:00
Todd C. Miller
9d8f374397 Add ssizeof macro that returns ssize_t. 
We can use this instead of casting the result of size_t to int.
Also change checks for snprintf() returning <=0 to <0.
 2019-06-25 09:45:10 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
e5dee1557e Add NOTBEFORE and NOTAFTER command options similar to what is 
already available in LDAP.
 2017-02-18 15:35:48 -07:00
Todd C. Miller
334350af45 id_t is 64-bits on FreeBSD so use strtoll() there. 
Fixes the strtoid regress.
 2016-11-30 07:32:59 -07:00
Todd C. Miller
6c5936296f Add SUDO_DEBUG_INSTANCE_ERROR return value for sudo_debug_register() 
and check for it in places where we check the return value of
sudo_debug_register().
 2016-11-21 06:37:23 -10:00
Todd C. Miller
3f022419ae Be consistent with the naming of the variable used to store the 
function return value.  Previously, some code used "rval", some
used "ret".  This standardizes on "ret" and uses "rc" for temporary
return codes.
 2016-09-08 16:38:08 -06:00
Todd C. Miller
f683cbd582 Add definition of nitems for those without it and use it throughout. 2016-06-23 10:58:07 -06:00
Todd C. Miller
5016fa23df When parsing debug entries, don't make a lower value override a 
higher one.  For example, for "pcomm@debug,all@warn" the "all@warn"
should not set pcomm to "warn" when it is already at "debug".
 2016-01-21 07:43:25 -07:00
Todd C. Miller
8b12390abf Add debug_return_ssize_t 2015-11-01 15:13:28 -07:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
105f199f6b Fix build on compilers w/o __func__ or __FUNCTION__ 2015-06-30 10:41:14 -06:00
Todd C. Miller
d36e46cb6e Must call round_nfds() with fd+1 since it takes a count not the fd 
number.  In other words, the lowest value is 1, not 0.
 2015-06-23 13:49:56 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
e2328479dd Use strtok_r() instead of strtok() 2015-06-19 12:35:51 -06:00
Todd C. Miller
5ce50a885c Use non-exiting allocators in libsudo_util. 2015-06-17 17:00:53 -06:00
Todd C. Miller
caf5d45e0f Previously, debug_return_bool was the same as debug_return_int 
except that it logged true/false for 1/0.  However, this appears
to trigger a bug in some compilers.  To avoid this, debug_return_bool
now uses bool, not int.  Callers that were passing it an int have
been converted to use debug_return_int instead.
 2015-05-07 10:33:23 -06:00
Todd C. Miller
23f4e49f4d Plug memory leak when debug file cannot be opened. 
Use %zu printf format now that our snprintf support it.
 2015-02-23 15:40:37 -07:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
2188c83a20 If sudo_debug_register() fails return SUDO_DEBUG_INSTANCE_INITIALIZER, 
not -1.  Otherwise we could end up setting the instance to -1 which
is invalid.
 2015-01-21 10:08:41 -07:00
Todd C. Miller
cbe917c540 If there are multiple outputs, ap will be re-used so make a copy 
and operate on it instead.
 2014-11-14 16:30:22 -07:00
Todd C. Miller
2eed956396 Use a static buffer for sudo_debug_execve2() if possible. 2014-10-31 06:57:17 -06:00
Todd C. Miller
adfdad9ae0 Version the symbols for sudo_debug.c now that the API is stable. 2014-10-27 05:26:08 -06:00
Todd C. Miller
fd8cf2c89b No need to convert sudoedit -> sudo in sudo_debug_get_instance() 
as we store the actual program name and only do the sudoedit ->
sudo conversion when reading the sudo.conf file.  Fixes debugging
when invoked as sudoedit.
 2014-10-24 11:28:39 -06:00
Todd C. Miller
4bf641df69 In the plugin registers with the debug framework at open time, the 
sudo front-end will now set the default debug instance appropriately
before calling into the plugin.  This means the plugin no longer needs
to do the sudo_debug_set_default_instance() dance.
 2014-10-24 11:17:48 -06:00
Todd C. Miller
7dc2c8fa1c Dynamically allocate debug_fds bitmap and realloc as needed. 2014-10-23 14:37:29 -06:00
Todd C. Miller
17a2a27e46 Use generic bitmap macros instead of select-style fd_set. 2014-10-23 14:37:27 -06:00