mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 09:57:41 +00:00
Code Issues Releases Wiki Activity

Add dictionary files for fuzzers where possible.

Browse Source
This commit is contained in:
Todd C. Miller 2021-02-23 11:28:47 -07:00
parent e0761b9e3b
commit 081e219e23
9 changed files with 304 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
MANIFEST
View File

@ -137,6 +137,7 @@ lib/iolog/regress/corpus/timing/timing.2
lib/iolog/regress/corpus/timing/timing.3 lib/iolog/regress/corpus/timing/timing.3
lib/iolog/regress/corpus/timing/timing.4 lib/iolog/regress/corpus/timing/timing.4
lib/iolog/regress/fuzz/fuzz_iolog_json.c lib/iolog/regress/fuzz/fuzz_iolog_json.c
lib/iolog/regress/fuzz/fuzz_iolog_json.dict
lib/iolog/regress/fuzz/fuzz_iolog_legacy.c lib/iolog/regress/fuzz/fuzz_iolog_legacy.c
lib/iolog/regress/fuzz/fuzz_iolog_timing.c lib/iolog/regress/fuzz/fuzz_iolog_timing.c
lib/iolog/regress/host_port/host_port_test.c lib/iolog/regress/host_port/host_port_test.c
@ -217,6 +218,7 @@ lib/util/regress/corpus/sudo_conf/sudo.conf.3
lib/util/regress/fnmatch/fnm_test.c lib/util/regress/fnmatch/fnm_test.c
lib/util/regress/fnmatch/fnm_test.in lib/util/regress/fnmatch/fnm_test.in
lib/util/regress/fuzz/fuzz_sudo_conf.c lib/util/regress/fuzz/fuzz_sudo_conf.c
lib/util/regress/fuzz/fuzz_sudo_conf.dict
lib/util/regress/getdelim/getdelim_test.c lib/util/regress/getdelim/getdelim_test.c
lib/util/regress/getgrouplist/getgrouplist_test.c lib/util/regress/getgrouplist/getgrouplist_test.c
lib/util/regress/glob/files lib/util/regress/glob/files
@ -715,9 +717,12 @@ plugins/sudoers/regress/env_match/check_env_pattern.c
plugins/sudoers/regress/env_match/data plugins/sudoers/regress/env_match/data
plugins/sudoers/regress/exptilde/check_exptilde.c plugins/sudoers/regress/exptilde/check_exptilde.c
plugins/sudoers/regress/fuzz/fuzz_policy.c plugins/sudoers/regress/fuzz/fuzz_policy.c
plugins/sudoers/regress/fuzz/fuzz_policy.dict
plugins/sudoers/regress/fuzz/fuzz_sudoers.c plugins/sudoers/regress/fuzz/fuzz_sudoers.c
plugins/sudoers/regress/fuzz/fuzz_sudoers.dict
plugins/sudoers/regress/fuzz/fuzz_sudoers.out.ok plugins/sudoers/regress/fuzz/fuzz_sudoers.out.ok
plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c
plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.dict
plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c
plugins/sudoers/regress/parser/check_addr.c plugins/sudoers/regress/parser/check_addr.c
plugins/sudoers/regress/parser/check_addr.in plugins/sudoers/regress/parser/check_addr.in

1
lib/iolog/Makefile.in
View File

@ -221,6 +221,7 @@ install-fuzzer: $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS)
echo "must set FUZZ_DESTDIR for install-fuzzer target"; \ echo "must set FUZZ_DESTDIR for install-fuzzer target"; \
else \ else \
cp $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS) $(FUZZ_DESTDIR); \ cp $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS) $(FUZZ_DESTDIR); \
cp $(srcdir)/regress/fuzz/*.dict $(FUZZ_DESTDIR); \
fi fi
uninstall: uninstall:

17
lib/iolog/regress/fuzz/fuzz_iolog_json.dict Normal file
View File

@ -0,0 +1,17 @@
# I/O log JSON keywords
\"columns\"
\"command\"
\"lines\"
\"runargv\"
\"runenv\"
\"rungid\"
\"rungroup\"
\"runuid\"
\"runuser\"
\"runchroot\"
\"runcwd\"
\"submitcwd\"
\"submithost\"
\"submituser\"
\"timestamp\"
\"ttyname\"

1
lib/util/Makefile.in
View File

@ -329,6 +329,7 @@ install-fuzzer: $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS)
echo "must set FUZZ_DESTDIR for install-fuzzer target"; \ echo "must set FUZZ_DESTDIR for install-fuzzer target"; \
else \ else \
cp $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS) $(FUZZ_DESTDIR); \ cp $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS) $(FUZZ_DESTDIR); \
cp $(srcdir)/regress/fuzz/*.dict $(FUZZ_DESTDIR); \
fi fi
uninstall: uninstall:

19
lib/util/regress/fuzz/fuzz_sudo_conf.dict Normal file
View File

@ -0,0 +1,19 @@
# sudo.conf keywords
Debug
Path
Plugin
Set
# Paths
askpass
sesh
noexec
plugin_dir
devsearch
# Variables
developer_mode
disable_coredump
group_source
max_groups
probe_interfaces

1
plugins/sudoers/Makefile.in
View File

@ -521,6 +521,7 @@ install-fuzzer: $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS)
echo "must set FUZZ_DESTDIR for install-fuzzer target"; \ echo "must set FUZZ_DESTDIR for install-fuzzer target"; \
else \ else \
cp $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS) $(FUZZ_DESTDIR); \ cp $(FUZZ_PROGS) $(FUZZ_SEED_CORPUS) $(FUZZ_DESTDIR); \
cp $(srcdir)/regress/fuzz/*.dict $(FUZZ_DESTDIR); \
fi fi
uninstall: uninstall:

51
plugins/sudoers/regress/fuzz/fuzz_policy.dict Normal file
View File

@ -0,0 +1,51 @@
# Policy plugin keywords (all are keyword = value)
# sudoers plugin options from sudo.conf
error_recovery
sudoers_file
sudoers_uid
sudoers_gid
sudoers_mode
ldap_conf
ldap_secret
# command line settings from front-end
closefrom
cmnd_chroot
cmnd_cwd
runas_user
runas_group
prompt
set_home
preserve_environment
run_shell
login_shell
implied_shell
preserve_groups
ignore_ticket
noninteractive
sudoedit
login_class
runas_privs
runas_limitprivs
selinux_role
selinux_type
bsdauth_type
network_addrs
max_groups
remote_host
timeout
plugin_dir
# user information from front-end
user
uid
gid
groups
cwd
tty
host
lines
cols
sid
umask

195
plugins/sudoers/regress/fuzz/fuzz_sudoers.dict Normal file
View File

@ -0,0 +1,195 @@
# Sudoers policy keywords (all are keyword = value)
# Aliases
Cmnd_Alias
Cmd_Alias
Host_Alias
Runas_Alias
User_Alias
# Special keywords
ALL
(ALL:ALL)
sudoedit
# Date_Spec
20170214083000Z
2017021408Z
20160315220000-0500
20151201235900
# Timeout_Spec
7d8h30m10s
14d
8h30m
600s
3600
# Command digests
sha224:
sha256:
sha384:
sha512:
# Command tags
NOPASSWD
PASSWD
NOEXEC
EXEC
SETENV
NOSETENV
LOG_INPUT
NOLOG_INPUT
LOG_OUTPUT
NOLOG_OUTPUT
FOLLOWLNK
NOFOLLOWLNK
MAIL
NOMAIL
# Command options
CHROOT
CWD
CMND_TIMEOUT
NOTBEFORE
NOTAFTER
ROLE
TYPE
PRIVS
LIMITPRIVS
# Defaults settings
Defaults
syslog
syslog_goodpri
syslog_badpri
long_otp_prompt
ignore_dot
mail_always
mail_badpass
mail_no_user
mail_no_host
mail_no_perms
mail_all_cmnds
tty_tickets
lecture
lecture_file
authenticate
root_sudo
log_host
log_year
shell_noargs
set_home
always_set_home
path_info
fqdn
insults
requiretty
env_editor
rootpw
runaspw
targetpw
use_loginclass
set_logname
stay_setuid
preserve_groups
loglinelen
timestamp_timeout
passwd_timeout
passwd_tries
umask
logfile
mailerpath
mailerflags
mailto
mailfrom
mailsub
badpass_message
lecture_status_dir
timestampdir
timestampowner
exempt_group
passprompt
passprompt_override
runas_default
secure_path
editor
listpw
verifypw
noexec
ignore_local_sudoers
closefrom
closefrom_override
setenv
env_reset
env_check
env_delete
env_keep
role
type
env_file
restricted_env_file
sudoers_locale
visiblepw
pwfeedback
fast_glob
umask_override
log_input
log_output
compress_io
use_pty
group_plugin
iolog_dir
iolog_file
set_utmp
utmp_runas
privs
limitprivs
exec_background
pam_service
pam_login_service
pam_setcred
pam_session
pam_acct_mgmt
maxseq
use_netgroups
sudoedit_checkdir
sudoedit_follow
always_query_group_plugin
netgroup_tuple
ignore_audit_errors
ignore_iolog_errors
ignore_logfile_errors
match_group_by_gid
syslog_maxlen
iolog_user
iolog_group
iolog_mode
fdexec
ignore_unknown_defaults
command_timeout
user_command_timeouts
iolog_flush
syslog_pid
timestamp_type
authfail_message
case_insensitive_user
case_insensitive_group
log_allowed
log_denied
log_servers
log_server_timeout
log_server_keepalive
log_server_cabundle
log_server_peer_cert
log_server_peer_key
log_server_verify
runas_allow_unknown_id
runas_check_shell
pam_ruser
pam_rhost
runcwd
runchroot
log_format
selinux
admin_flag

14
plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.dict Normal file
View File

@ -0,0 +1,14 @@
# Sudoers LDIF attributes
description
objectClass
organizationalRole
sudoCommand
sudoHost
sudoOption
sudoOption
sudoOrder
sudoRunAs
sudoRunAsGroup
sudoRunAsUser
sudoUser