mirror of https://github.com/sudo-project/sudo.git synced 2025-09-01 23:05:17 +00:00
Commit Graph

12322 Commits

Author SHA1 Message Date
Todd C. Miller
a9cab46f88 Pass the list of files to include in the tarball on stdin.
This avoids any limit on the size of argv.
2022-11-25 11:01:38 -07:00
Todd C. Miller
9a36698164 Merge pull request #214 from BornThisWay/1124_repeated_invocation
check_syntax(): Remove duplicate calls to init_defaults()
2022-11-23 19:33:46 -07:00
modric
26cf125fb9 check_syntax(): Remove duplicate calls to init_defaults() 2022-11-24 09:42:05 +08:00
Todd C. Miller
46d286947e build_command_info: free command_info on failure.
Once upon a time, command_info was a stack variable, now it is
dynamically allocated.  Coverity CID 299987.
2022-11-22 17:26:24 -07:00
Todd C. Miller
eb4ae10ab4 Better handling of out-of-memory conditions. 2022-11-22 11:57:42 -07:00
Todd C. Miller
9fff5a5fae Keep group file open until the call to myendgrent().
This restores the previous behavior.
2022-11-22 11:55:34 -07:00
Todd C. Miller
f066ff9e01 Eliminate a few harmless dead stores.
Quiets warnings from Infer.
2022-11-22 11:18:24 -07:00
Todd C. Miller
2f97da316e sudo_ldap_parse_option: add explicit NULL check for strchr().
This should not be needed since we only use the returned pointer
if it is larger than the string passed to strchr().
Quiets a warning from Infer.
2022-11-22 11:17:30 -07:00
Todd C. Miller
a0d9963fe6 journal_fdopen: free journal_path and close journal before setting
Fixes a potential resource leak that currently cannot happen.
Quiets a warning from Infer.
2022-11-22 11:15:21 -07:00
Todd C. Miller
a37ecb2666 sudo_ldap_result_add_entry: check sudo_ldap_get_values_len() return value.
Previously, we just compared the error code with LDAP_NO_MEMORY
when checking for sudoOrder since this is the only error we care about.
We now return NULL for LDAP_NO_MEMORY and ignore other errors.
Quiets a warning from Infer.
2022-11-22 11:05:26 -07:00
Todd C. Miller
1c9c7bd34a Refactor code to open passwd/group file and add setpassent/setgroupent.
This makes the "stayopen" semantics match the system passwd/group
functions.  The getpwent/getgrent functions now open the database
if it is not already open.
2022-11-22 08:45:14 -07:00
Todd C. Miller
4d7823e518 gram.h: #line directives should reference gram.h not y.tab.h. 2022-11-22 07:27:11 -07:00
Todd C. Miller
7ac13204f2 Use clang, not /usr/bin/cc on FreeBSD and macOS.
While /usr/bin/cc _is_ clang on those platforms, some static analyzers
get confused if we don't run it as clang.
2022-11-22 07:21:01 -07:00
Todd C. Miller
da7a5ecabd Merge pull request #212 from BornThisWay/1122_null_deref
sudo_rcstr_dup: Fix potential NULL pointer deref
2022-11-21 19:27:59 -07:00
modric
dbfd84301a sudo_rcstr_dup: Fix potential NULL pointer deref 2022-11-22 10:12:29 +08:00
Todd C. Miller
3396267291 Add a reminder to the default lecture that the password will not echo.
This line is only displayed when the pwfeedback option is disabled.
GitHub issue #195.
2022-11-21 09:48:50 -07:00
Todd C. Miller
c3f138eaa2 Merge pull request #210 from BornThisWay/1121_typo
Fix some typos
2022-11-21 07:08:46 -07:00
modric
cbdc4883d1 Fix some typos 2022-11-21 14:50:22 +08:00
Todd C. Miller
6a5546b11f Merge pull request #208 from BornThisWay/1121_return
intercept_read: Print and then return.
2022-11-20 19:20:03 -07:00
modric
b1af59aa56 intercept_read: Print and then return. 2022-11-21 09:57:14 +08:00
Todd C. Miller
496ae6e6f0 Merge pull request #205 from BornThisWay/1119_access_null_pointer
sudo_mmap_strdup_v1: Fix potential NULL pointer deref
2022-11-20 07:44:46 -07:00
modric
1eabf13577 sudo_mmap_strdup_v1: Fix potential NULL pointer deref 2022-11-20 20:06:55 +08:00
Todd C. Miller
9c694e9a65 copy_vector: plug memory leak in error path
Only the array was being freed, not the contents.
GitHub issue #202.
2022-11-18 07:19:47 -07:00
Todd C. Miller
981cc2f8e3 Better matching of macOS version to SDK path. 2022-11-17 14:26:55 -07:00
Todd C. Miller
ad220d72d4 Merge pull request #200 from BornThisWay/fix_mem_leak_converse
Fix memory leak of pass in converse().
2022-11-17 08:16:40 -07:00
Todd C. Miller
b3834bbf24 sudo_passwd_cleanup: Set auth->data to NULL after freeing.
GitHub issue #201
2022-11-17 08:10:35 -07:00
modric
f5cae905ca Fix memory leak of pass in converse(). 2022-11-17 16:08:59 +08:00
Todd C. Miller
0044893961 Use AC_SYS_YEAR2038 instead of setting _TIME_BITS by hand. 2022-11-16 19:29:22 -07:00
Todd C. Miller
4af5e6293c Update macros from autoconf-archive. 2022-11-16 19:24:42 -07:00
Todd C. Miller
fe8e1f3d38 Fix typo; excerise -> exercise 2022-11-16 19:23:11 -07:00
Todd C. Miller
920d384941 Regenerate with the autoconf 2.72a pre-release. 2022-11-16 10:26:08 -07:00
Todd C. Miller
03559d0770 Replace foo in descriptions with 'foo' 2022-11-16 10:10:20 -07:00
Todd C. Miller
cc0615059f Fix insufficient quoting in AC_CHECK_LIB() calls. 2022-11-16 10:22:28 -07:00
Todd C. Miller
096eacb21c If AUTOCONF_VERSION is unset, use version 2.71 not 2.69. 2022-11-16 10:11:21 -07:00
Todd C. Miller
bef72f76f6 Add -Wvla and -Walloca to --enable-warnings 2022-11-15 11:05:42 -07:00
Todd C. Miller
3ecfa025b8 sudo_debug_group_list: short-circuit if groups is NULL 2022-11-11 11:05:12 -07:00
Todd C. Miller
3cfba230c5 configure: only check for getauxval() if getentropy() is missing. 2022-11-11 11:04:58 -07:00
Todd C. Miller
28dbad3342 Remove checks for random() and lrand48(), they are no longer used.
Also remove duplicate checks for arc4random() and getentropy().
2022-11-11 09:37:49 -07:00
Todd C. Miller
3d0fcc0ff2 Skip check for cpp variadic macro support if the compiler supports C99. 2022-11-11 09:09:31 -07:00
Todd C. Miller
6b005e8114 HI-UX/MPP is based on OSF-1, not HP-UX
Completely untested.
2022-11-11 08:45:58 -07:00
Todd C. Miller
a142bc1830 Only check for utmps.h on HP-UX. 2022-11-11 08:32:41 -07:00
Todd C. Miller
a3684d7f3b Only check for sys/syscall.h on Linux.
We only use it in the Linux-specific getentropy() emulation code.
2022-11-11 08:11:26 -07:00
Todd C. Miller
feba299f22 configure: avoid running unnecessary tests on modern systems.
Remove AC_SYS_POSIX_TERMIOS, AC_TYPE_MODE_T, AC_TYPE_UID_T.
Add missing checks for int16_t, uint16_t, int32_t, and int64_t.
Only check for intmax_t, uintmax_t and bit-width types if missing
both inttypes.h and stdint.h.
Remove unused clockid_t replacement.
2022-11-11 07:05:26 -07:00
Todd C. Miller
b8e9fc1b12 Add a regress check for the cvtsudoers filter crash.
GitHub issue #198.
2022-11-11 07:05:24 -07:00
Todd C. Miller
264326de57 Fix a potential use-after-free bug with cvtsudoers filtering.
In role_to_sudoers() when merging a privilege to the previous one
where the runas lists are the same we need to re-use the runas lists
of the last command in the previous privilege, not the first.
Otherwise, the check in free_cmndspec() will not notice the re-used
runas lists.  Reported/analyzed by Sohom Datta.  GitHub issue #198.
2022-11-10 14:55:56 -07:00
Todd C. Miller
5683fc6f7a The name of the C locale w/ UTF-8 support is not always C.UTF-8.
Use a pattern to find it (if present) and use that value instead
of hard-coding C.UTF-8.  This works around a leak sanitizer crash
on certain inputs.
2022-11-11 07:05:21 -07:00
Todd C. Miller
75008a0570 Copy some LDIF test data from the cvtsudoers tests to the seed corpus.
This includes a test to exercise the fix in PR #196.
2022-11-10 09:54:59 -07:00
Todd C. Miller
455f250ac5 Set LDAP base for sudoers_parse_ldif().
Without this set the fuzzer will not exercise the dn parsing.
2022-11-10 09:34:44 -07:00
Todd C. Miller
82150340a6 Include linux/elf.h, not elf.h to make sure we get NT_ARM_SYSTEM_CALL.
The NT_PRSTATUS define is present in both files.
2022-11-10 08:08:09 -07:00
Todd C. Miller
3e8497b5ce Remove CMSG_* compatibility macros, they are no longer used. 2022-11-09 15:24:28 -07:00