diff --git a/lib/iolog/regress/fuzz/fuzz_iolog_json.c b/lib/iolog/regress/fuzz/fuzz_iolog_json.c index 4f39615fb..465e405a6 100644 --- a/lib/iolog/regress/fuzz/fuzz_iolog_json.c +++ b/lib/iolog/regress/fuzz/fuzz_iolog_json.c @@ -66,6 +66,25 @@ static int fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) { + int n; + + for (n = 0; n < num_msgs; n++) { + const struct sudo_conv_message *msg = &msgs[n]; + + switch (msg->msg_type & 0xff) { + case SUDO_CONV_PROMPT_ECHO_ON: + case SUDO_CONV_PROMPT_MASK: + case SUDO_CONV_PROMPT_ECHO_OFF: + /* input not supported */ + return -1; + case SUDO_CONV_ERROR_MSG: + case SUDO_CONV_INFO_MSG: + /* no output for fuzzers */ + break; + default: + return -1; + } + } return 0; } diff --git a/lib/iolog/regress/fuzz/fuzz_iolog_legacy.c b/lib/iolog/regress/fuzz/fuzz_iolog_legacy.c index c1def41fa..c63b036dd 100644 --- a/lib/iolog/regress/fuzz/fuzz_iolog_legacy.c +++ b/lib/iolog/regress/fuzz/fuzz_iolog_legacy.c @@ -64,6 +64,25 @@ static int fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) { + int n; + + for (n = 0; n < num_msgs; n++) { + const struct sudo_conv_message *msg = &msgs[n]; + + switch (msg->msg_type & 0xff) { + case SUDO_CONV_PROMPT_ECHO_ON: + case SUDO_CONV_PROMPT_MASK: + case SUDO_CONV_PROMPT_ECHO_OFF: + /* input not supported */ + return -1; + case SUDO_CONV_ERROR_MSG: + case SUDO_CONV_INFO_MSG: + /* no output for fuzzers */ + break; + default: + return -1; + } + } return 0; } diff --git a/lib/iolog/regress/fuzz/fuzz_iolog_timing.c b/lib/iolog/regress/fuzz/fuzz_iolog_timing.c index 98c3b585a..cd520709e 100644 --- a/lib/iolog/regress/fuzz/fuzz_iolog_timing.c +++ b/lib/iolog/regress/fuzz/fuzz_iolog_timing.c @@ -45,6 +45,25 @@ static int fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) { + int n; + + for (n = 0; n < num_msgs; n++) { + const struct sudo_conv_message *msg = &msgs[n]; + + switch (msg->msg_type & 0xff) { + case SUDO_CONV_PROMPT_ECHO_ON: + case SUDO_CONV_PROMPT_MASK: + case SUDO_CONV_PROMPT_ECHO_OFF: + /* input not supported */ + return -1; + case SUDO_CONV_ERROR_MSG: + case SUDO_CONV_INFO_MSG: + /* no output for fuzzers */ + break; + default: + return -1; + } + } return 0; } diff --git a/lib/util/regress/fuzz/fuzz_sudo_conf.c b/lib/util/regress/fuzz/fuzz_sudo_conf.c index ff3980777..96e8015d0 100644 --- a/lib/util/regress/fuzz/fuzz_sudo_conf.c +++ b/lib/util/regress/fuzz/fuzz_sudo_conf.c @@ -37,6 +37,25 @@ static int fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) { + int n; + + for (n = 0; n < num_msgs; n++) { + const struct sudo_conv_message *msg = &msgs[n]; + + switch (msg->msg_type & 0xff) { + case SUDO_CONV_PROMPT_ECHO_ON: + case SUDO_CONV_PROMPT_MASK: + case SUDO_CONV_PROMPT_ECHO_OFF: + /* input not supported */ + return -1; + case SUDO_CONV_ERROR_MSG: + case SUDO_CONV_INFO_MSG: + /* no output for fuzzers */ + break; + default: + return -1; + } + } return 0; } diff --git a/logsrvd/regress/fuzz/fuzz_logsrvd_conf.c b/logsrvd/regress/fuzz/fuzz_logsrvd_conf.c index d92cf3942..09787eca0 100644 --- a/logsrvd/regress/fuzz/fuzz_logsrvd_conf.c +++ b/logsrvd/regress/fuzz/fuzz_logsrvd_conf.c @@ -47,6 +47,25 @@ static int fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) { + int n; + + for (n = 0; n < num_msgs; n++) { + const struct sudo_conv_message *msg = &msgs[n]; + + switch (msg->msg_type & 0xff) { + case SUDO_CONV_PROMPT_ECHO_ON: + case SUDO_CONV_PROMPT_MASK: + case SUDO_CONV_PROMPT_ECHO_OFF: + /* input not supported */ + return -1; + case SUDO_CONV_ERROR_MSG: + case SUDO_CONV_INFO_MSG: + /* no output for fuzzers */ + break; + default: + return -1; + } + } return 0; } diff --git a/plugins/sudoers/regress/fuzz/fuzz_policy.c b/plugins/sudoers/regress/fuzz/fuzz_policy.c index bddb6e315..f568e594f 100644 --- a/plugins/sudoers/regress/fuzz/fuzz_policy.c +++ b/plugins/sudoers/regress/fuzz/fuzz_policy.c @@ -133,6 +133,25 @@ static int fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) { + int n; + + for (n = 0; n < num_msgs; n++) { + const struct sudo_conv_message *msg = &msgs[n]; + + switch (msg->msg_type & 0xff) { + case SUDO_CONV_PROMPT_ECHO_ON: + case SUDO_CONV_PROMPT_MASK: + case SUDO_CONV_PROMPT_ECHO_OFF: + /* input not supported */ + return -1; + case SUDO_CONV_ERROR_MSG: + case SUDO_CONV_INFO_MSG: + /* no output for fuzzers */ + break; + default: + return -1; + } + } return 0; } diff --git a/plugins/sudoers/regress/fuzz/fuzz_sudoers.c b/plugins/sudoers/regress/fuzz/fuzz_sudoers.c index fb509dd70..84a101994 100644 --- a/plugins/sudoers/regress/fuzz/fuzz_sudoers.c +++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers.c @@ -69,7 +69,6 @@ fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], for (n = 0; n < num_msgs; n++) { const struct sudo_conv_message *msg = &msgs[n]; - FILE *fp = stdout; switch (msg->msg_type & 0xff) { case SUDO_CONV_PROMPT_ECHO_ON: @@ -78,18 +77,8 @@ fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], /* input not supported */ return -1; case SUDO_CONV_ERROR_MSG: - fp = stderr; - FALLTHROUGH; case SUDO_CONV_INFO_MSG: - if (msg->msg != NULL) { - size_t len = strlen(msg->msg); - - if (len == 0) - break; - - if (fwrite(msg->msg, 1, len, fp) == 0 || fputc('\n', fp) == EOF) - return -1; - } + /* no output for fuzzers */ break; default: return -1; @@ -197,6 +186,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) setprogname("fuzz_sudoers"); sudoers_debug_register(getprogname(), NULL); + sudo_warn_set_conversation(fuzz_conversation); /* Sudoers locale setup. */ sudoers_initlocale(setlocale(LC_ALL, ""), "C"); @@ -352,11 +342,9 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) /* Match again as a pseudo-command (list, validate, etc). */ sudoers_lookup(&snl, sudo_user.pw, &cmnd_status, true); -#if 0 /* Display privileges. */ display_privs(&snl, sudo_user.pw, false); display_privs(&snl, sudo_user.pw, true); -#endif } /* Expand tildes in runcwd and runchroot. */ diff --git a/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c b/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c index 70c2a3ce7..2cfa16175 100644 --- a/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c +++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c @@ -82,6 +82,32 @@ open_data(const uint8_t *data, size_t size) #endif } +static int +fuzz_conversation(int num_msgs, const struct sudo_conv_message msgs[], + struct sudo_conv_reply replies[], struct sudo_conv_callback *callback) +{ + int n; + + for (n = 0; n < num_msgs; n++) { + const struct sudo_conv_message *msg = &msgs[n]; + + switch (msg->msg_type & 0xff) { + case SUDO_CONV_PROMPT_ECHO_ON: + case SUDO_CONV_PROMPT_MASK: + case SUDO_CONV_PROMPT_ECHO_OFF: + /* input not supported */ + return -1; + case SUDO_CONV_ERROR_MSG: + case SUDO_CONV_INFO_MSG: + /* no output for fuzzers */ + break; + default: + return -1; + } + } + return 0; +} + int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { @@ -98,6 +124,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) setprogname("fuzz_sudoers_ldif"); sudoers_debug_register(getprogname(), NULL); + sudo_warn_set_conversation(fuzz_conversation); /* Initialize defaults and parse LDIF-format sudoers. */ init_defaults();