isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,767 Commits 1 Branch 0 Tags
e4f08157b6693b956fe9c7c987bc3eeac1abb2cc
Commit Graph

11767 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
de47380350 Block SIGCHLD when forking the mailer. 
Otherwise, it may be picked up by the signal handler instead of our
waitpid(2) call.
Don't warn if waitpid() returns 0 in a SIGCHLD handler.
 2022-03-14 13:54:12 -06:00
Todd C. Miller
e5a50ae429 If there are multiple parse errors, send them in a single mail message. 2022-03-14 13:54:11 -06:00
Todd C. Miller
1f64aca229 Unset LANGUAGE when running tests, otherwise it may override LC_ALL. 
Bug #1025.
 2022-03-14 13:51:03 -06:00
Todd C. Miller
ef4ce5c08a Looser owner/permission checks for an uninstalled sudoers file. 
We don't check the owner or permissions on a sudoers file that is
specified as an argument to visudo by default.  However, the owner
and mode of files included via @includedir were still checked.  This
commit makes the owner and permissions checks for filed included
via @includedir follow the same as for the original sudoers file.
 2022-03-11 10:44:17 -07:00
Todd C. Miller
b2a32f95ee getdelim_test: increase longstr to check end pointer after realloc 
This would have caught the recent bug in our getdelim replacement
when run under address-sanitizer or valgrind.
 2022-03-11 09:03:55 -07:00
Todd C. Miller
8e7c004c7f Add missing va_start/va_end around call to sudoers_error_hook(). 
Coverity CID 250885
 2022-03-11 08:37:06 -07:00
Todd C. Miller
c48c511e91 Correctly update the end pointer when we expand the buffer. 
From Robert Manner.
 2022-03-11 08:00:38 -07:00
Todd C. Miller
6ff33922f4 sudo_secure_path: pass the struct stat * argument directly to stat(2) 
Set the pointer to a struct stat on the stack if st is NULL.
Avoids a needless memcpy() at the end.
 2022-03-10 20:16:51 -07:00
Todd C. Miller
8dae0ba06c Fix off-by-one when storing line number in userspec. 
We store the line number *after* parsing the newline so we need to
subtract one.
 2022-03-10 20:05:40 -07:00
Todd C. Miller
eb2803c3e9 For alert messages, the command or runuser may not be set. 
This fixes the logging of parse errors when JSON logging is enabled.
 2022-03-10 13:59:34 -07:00
Todd C. Miller
65e5b89f1d Pass file, line and column to sudoers defaults callbacks. 2022-03-10 13:35:58 -07:00
Todd C. Miller
d7ddff2a31 Add a hook for sudoers parse errors (including defaults and aliases). 
The hook can be used to log parser errors (sudoers module) or keep
track of which files have an error (visudo).
Previously, we only kept track of a single parse error.
 2022-03-10 13:30:56 -07:00
Todd C. Miller
6ec279532e Add a source to struct sudo_nss and use it if getdefs() fails. 
Also remove useless "Problem with defaults entries" warning in testsudoers.
 2022-03-09 12:38:25 -07:00
Todd C. Miller
31ab2e2297 Plug a few test memory leaks now that they return from main(). 2022-03-08 13:34:38 -07:00
Todd C. Miller
346dce4358 Remove extra newline in sudo_warnx() calls. 2022-03-06 18:56:28 -07:00
Todd C. Miller
7d3f9293c6 Preserve the column and error message when there is a syntax error. 
This information is now included in the error mail sent to root.
 2022-03-06 18:54:30 -07:00
Todd C. Miller
dfda098ae7 Deinit python subinterpreters in reverse order (last to first). 
This appears to work around a crash on OpenBSD with Python 3.9.10.
 2022-03-06 18:39:12 -07:00
Todd C. Miller
c131b27474 For 'make check-verbose' run fuzzers with -verbose=1 
This is the default for libFuzzer but not for the stub fuzzer lib.
 2022-03-03 10:45:56 -07:00
Todd C. Miller
ecaa8ab428 INSTALL.md: Mention "make check" and "make check-verbose" 2022-03-02 13:53:02 -07:00
Todd C. Miller
9f47ea5cb0 Repair generate_test_coverage.sh after move to scripts directory. 2022-03-02 13:45:16 -07:00
Todd C. Miller
cdee5d48da Add check-verbose Makefile target that runs tests in verbose mode. 2022-03-02 13:32:08 -07:00
Todd C. Miller
43cc80d795 Add -v option parsing to regress tests, currently a no-op. 
This will be used by a "check-verbose" target in the future.
 2022-03-02 11:09:51 -07:00
Todd C. Miller
dda14cb57a Less verbose output unless the -v option is used. 
Also display a test summary at the end.
 2022-03-01 16:09:32 -07:00
Todd C. Miller
2c329dbe42 verbose flag is boolean, not int 2022-03-01 15:47:47 -07:00
Todd C. Miller
908ae9510d Update copyright year. 2022-03-01 12:31:36 -07:00
Todd C. Miller
e9155a067c Regenerate dependencies. 2022-03-01 11:32:23 -07:00
Todd C. Miller
75a0e51590 Add sudo_closefrom() regression test. 2022-03-01 11:31:19 -07:00
Todd C. Miller
f1a697a8ff Use close_range(2) in closefrom() emulation if available. 
On Linux, prefer our own closefrom() emulation since the glibc
version may fail if /proc is not present and close_range() is not
supported.  On FreeBSD, closefrom(3) will either call the closefrom
or close_range system call, depending on which is available.
 2022-03-01 09:54:23 -07:00
Todd C. Miller
c3177ce831 Repair --enable-pvs-studio on Linux. 2022-03-01 09:42:07 -07:00
Todd C. Miller
10ca59097e Mention apple radar 3710161 in the comment about broken macOS poll(2). 2022-03-01 09:25:14 -07:00
Todd C. Miller
a199abe0e5 Only display test totals unless run in verbose mode. 2022-02-28 20:18:54 -07:00
Todd C. Miller
c2bd52edf8 Allow test harness to be run from any directory. 
Also add missing copyright notice.
 2022-02-28 19:39:33 -07:00
Todd C. Miller
a4f847b1d6 Adapt test harness for lib/util and move to regress directory. 2022-02-28 19:23:41 -07:00
Todd C. Miller
a57e979962 Adapt test harness for lib/util and move to regress directory. 2022-02-28 14:15:43 -07:00
Todd C. Miller
6a84523671 Make fuzzer stub main() quiet by default. 
LLVM LibFuzzer displays the input and running time by default but
we don't care about that for the stub fuzzer library.
 2022-02-28 13:33:54 -07:00
Todd C. Miller
f35bbd5a3f Move the cvtsudoers/sudoers/testsudoers/visudo tests into a script. 
It is easier to maintain these tests in script form.  The output
now more closely matches that of the other tests.  The harness
script can be invoked directly and supports running specific tests.
 2022-02-28 11:29:38 -07:00
Todd C. Miller
e7b7c902db Updated translations from translationproject.org 2022-02-27 09:03:54 -07:00
Todd C. Miller
e703feeae2 sudo_regex_compile_v1 stub: set errstr on error 2022-02-25 14:07:22 -07:00
Todd C. Miller
590c4cf62f fuzz_logsrvd_conf: add stub version of sudo_regex_compile_v1(). 
We want to fuzz our parser, not the libc regular expression code.
 2022-02-25 10:13:34 -07:00
Todd C. Miller
e5bbd33834 testsudoers/test18: don't rely on /usr/bin/w being present 
Fixes a test failure on Alpine Linux.
 2022-02-25 09:46:26 -07:00
Todd C. Miller
42f735c8dd Add configure check for gzclearerr() when using system zlib. 2022-02-24 19:13:53 -07:00
Todd C. Miller
68bc030c0c Fix PVS-Studio platform check for macOS. 2022-02-24 08:15:01 -07:00
Todd C. Miller
22a01410bd sudo_ldap_parse_options: fix memory leak of sudoRole cn string. 
Coverity CID 249976
 2022-02-24 07:56:38 -07:00
Todd C. Miller
f793042bec command_allowed: plug memory leak on strdup() failure. 
Coverity CID 249972
 2022-02-24 07:49:30 -07:00
Todd C. Miller
b1fd1ec0fc display_lecture: just return if callback is NULL 2022-02-23 21:09:33 -07:00
Todd C. Miller
330b4e821b For alert messages it is possible for evlog to be NULL. 
Coverity CID 238641
 2022-02-23 20:55:46 -07:00
Todd C. Miller
8290a1e57a iolog_seekto: initialize struct timing_closure before using. 
Coverity CID 249977
 2022-02-23 20:47:18 -07:00
Todd C. Miller
2315c0b3bb iolog_rewrite: initialize struct timing_closure before using. 
Coverity CID 249971
 2022-02-23 20:17:58 -07:00
Todd C. Miller
79d8500347 Allow ARCH_FLAGS to be overridden and handle macOS 12. 2022-02-23 20:04:21 -07:00
Todd C. Miller
9f427b0172 Prefer if [ ... ]; then over if test ...; then. 2022-02-23 20:03:33 -07:00