isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,991 Commits 1 Branch 0 Tags
f2f5c2949c44f17e77f1cee225ddcc7c33c11083
Commit Graph

65 Commits

Author SHA1 Message Date
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
c36415417f Add function name to "unable to allocate memory" warnings. 2015-06-19 14:51:17 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
4da9e10971 Use non-exiting allocators in the parser (much of it already did). 2015-05-27 10:36:03 -06:00
Todd C. Miller
2bf454b74d Use non-exiting allocators in the redblack tree and fix the fallout. 
Also switch to non-exiting allocators in affected code blocks.
 2015-05-27 09:51:54 -06:00
Todd C. Miller
46770c9588 The error string returned by alias_add should be const. 2015-05-27 09:48:34 -06:00
Todd C. Miller
45548cf049 Add support for MAIL and NOMAIL command tags to toggle mail sending 
behavior on a per-command (or Cmnd_Alias) basis.
 2015-02-19 10:02:20 -07:00
Todd C. Miller
2033be83c6 Regen with yacc skeleton that the clang analyzer doesn't complain about. 2015-02-03 15:58:09 -07:00
Todd C. Miller
a9bf105eda Use stdint.h to get SIZE_MAX as inttypes.h on some pre-C99 HP-UX 
systems doesn't include stdint.h itself.
 2015-02-03 10:00:30 -07:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
c287419788 Require that a digest be specified with a real command, not an alias 
or pseudo-command.  Found via a crash by afl.
 2014-11-19 17:07:24 -07:00
Todd C. Miller
e9914a91b1 The sudoers plugin now defines its own list of debugging subsystem names 
and defines.
 2014-10-22 13:30:52 -06:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
0a9a8d9562 Move SIZE_MAX compat define into missing.h where it belongs. 2014-05-01 08:38:43 -06:00
Todd C. Miller
218aa1e598 Move the sha2 code into libreplace and add configure checks for 
SHA224Update in libc and libmd.  Solaris uses "void *" where we use
"unsigned char *" so we need a check for that too.  Solaris sha2.h
defines SHA224, SHA256, SHA384, and SHA512 so rename those tokens.
Adapted from changes from Vladimir Marek in bug #641.
 2014-04-09 16:31:13 -06:00
Todd C. Miller
b2c456341a Move symbol extern defs into sudoers.h 2013-12-16 14:18:42 -07:00
Todd C. Miller
e8dac0e4ab regen 2013-11-04 10:30:12 -07:00
Todd C. Miller
1202e54cd9 Fix sign comparison warning. 2013-10-30 14:27:50 -06:00
Todd C. Miller
e8ce021e7d Quiet some llvm check false positives. The common idiom of using 
TAILQ_FIRST, TAILQ_REMOVE and free in a loop to free each entry in
a TAILQ confuses llvm.  Use TAILQ_FOREACH_SAFE instead (which is
probably faster anyway).
 2013-10-22 14:58:00 -06:00
Todd C. Miller
b38d253e98 Add "headless" tail queues and use them in place of the semi-circular 
lists in sudoers.  Once the headless tail queue is built up it is
converted to a normal TAILQ.  This removes the last consumer of
list.c and list.h so those can now be removed.
 2013-10-22 09:08:38 -06:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
e715841fc2 Sanity check digest in parser so visudo can catch errors. 
Add base64 support
 2013-04-15 15:12:00 -04:00
Todd C. Miller
35375a2b7e Initial implementation of checksum support in sudoers. 
Currently supports SHA-224, SHA-256, SHA-384, SHA-512.
TODO: checksum format validation in parser and base64 support.
      checksum support for ldap sudoers
 2013-04-14 07:00:21 -04:00
Todd C. Miller
d30008d580 Don't include gram.h in gram.y, its contents are already included. 
Move sudoerserror to the end of gram.y so COMMENT is declared
when we need to use it.
 2013-03-31 09:58:37 -04:00
Todd C. Miller
a2ce6fd296 Add missing semicolon in rule. 2013-03-28 20:53:55 -04:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
1660c2692a Regen for proper line numbers. 2012-11-25 11:55:33 -05:00
Todd C. Miller
c2c6616a0c Move _sudo_printf from src/conversation.c to common/sudo_printf.c. 
Add sudo_printf function pointer that is initialized to _sudo_printf()
instead of requiring a sudo_conv function pointer everywhere.  The
plugin will reset sudo_printf to point to the version passed in via
the plugin open function.  Now plugin_error.c can just call sudo_printf
in all cases.  The sudoers binaries no longer need their own version
of sudo_printf.
 2012-11-25 09:34:33 -05:00
Todd C. Miller
15c69e0e3f Call gettext() in sudoerserror() in the user's locale and pass the untranslated string to it. 2012-11-25 09:33:58 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
7f36643a66 Rename yyerror() to sudoerserror() to match yacc prefix changes. 
Not really needed due to the #defines that yacc makes but it is
less confusing this way as the lexer calls sudoerserror().
 2012-09-17 17:03:17 -04:00
Todd C. Miller
5276ab3a5f Set yacc prefix to "sudoers" to avoid conflicts other yacc parsers. 2012-09-14 16:19:25 -04:00
Todd C. Miller
e498bab4c1 Don't print an error message in yyerror() if open_sudoers() fails, 
we've already printed an error message.  Also restore the check
for sudoers_warnings in yyerror().
 2012-08-23 14:02:02 -04:00
Todd C. Miller
0c8c3c0cd8 Avoid printing the >>> parse error <<< message for testsudoers 
when the -t flag is specified.
 2012-08-23 11:28:44 -04:00
Todd C. Miller
7d255e42cb Fix some warnings from clang checker-267 2012-08-07 11:01:28 -04:00
Todd C. Miller
355d40aa86 The second argument to init_parser() is now bool. 2012-08-02 15:40:11 -04:00
Todd C. Miller
80597710c1 Fix printing of parse error message to stderr. 2012-08-02 15:37:48 -04:00
Todd C. Miller
e2d210a340 Add support for parsing an empty Runas_List, which only allows the 
command to be run as the invoking user.  This can be used in
conjunction with the Solaris Privilege Set support to grant privileges
without changing the user.
 2012-08-02 14:02:54 -04:00
Todd C. Miller
4abd2a6cf4 Merge in Solaris privilege support by Darren Moffat and John Zolnowsky 2012-07-26 13:49:21 -04:00
Todd C. Miller
12422f928c Quiet a clang-analyzer false positive. 2012-03-27 13:01:45 -04:00
Todd C. Miller
55d1a1a79d Use ecalloc() when allocating structs. 2012-03-19 11:24:24 -04:00
Todd C. Miller
8d05f0d1b0 Add type param to sudo_secure_path() and add sudo_secure_file() 
and sudo_secure_dir() wrappers which get by #includedir in sudoers.
 2012-02-29 15:50:48 -05:00
Todd C. Miller
0f5eaa17fd Print a more sensible error if yyparse() returns non-zero but 
yyerror() was not called.
 2012-01-04 15:45:03 -05:00
Todd C. Miller
a1815e17ca Replace y.tab.c with the correct filename in #line directives. 2012-01-04 15:35:49 -05:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
09beba8259 Revert 003bdb078a15. We need to #include <gram.h> not "gram.h" and 
<def_data.h> and not "def_data.h" when generating the parser in a
build dir.
 2011-11-12 12:18:44 -05:00
Todd C. Miller
bd881c26e8 Keep track of the last token returned. On error, if the last token was 
COMMENT, decrement sudolineno since the error most likely occurred on
the preceding line.  Previously we always uses sudolineno-1 which will
give the wrong line number for errors within a line.
 2011-11-05 07:37:14 -04:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00