mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00
Code Issues Releases Wiki Activity
12,991 Commits 6 Branches 326 Tags
Commit Graph

414 Commits

Author SHA1 Message Date
Rose
a925829e60 Restrict-qualify a few methods that are listed as such 2025-06-04 11:12:18 -06:00
Todd C. Miller
ce0ec8ddca Free existing contents of struct eventlog before overwriting. 
In the unlikely event that there are duplicate keys in info_msgs,
free the old string before overwriting with the new one.
 2025-03-31 20:11:34 -06:00
Todd C. Miller
b0d94331c0 No longer need to define NSIG for cppcheck. 
There is now a configure check that defines it as needed.
 2025-02-11 08:42:57 -07:00
Todd C. Miller
a27b989c9c Check for negative return value of read, write and lseek instead of -1 
The return values are used in ways that assume they are positive.
In practice, it is not possible to have a negative return value
other than -1 due to the size of the buffers being read from or
written to.  Also add overflow checks when updating the buffer len.
Quiets several coverity warnings.
 2025-01-16 19:46:15 -07:00
Todd C. Miller
de3b179a03 Don't need to undef _POSIX_HOST_NAME_MAX, it is not used. 2024-12-01 10:00:30 -07:00
Todd C. Miller
22b320645c Fix the date written used by the exit record in sudo-format log files 
The change to always get the current time when building a struct
evlog in sudoers broke the data and time written for exit records.
This only affected file-based logs, not syslog.  GitHub issue #405.
 2024-09-06 13:05:47 -06:00
Robert Manner
ba29f54d97 logsrvd,plugins/sudoers: add debug log on TLS verification error 2024-05-17 17:18:32 -06:00
Todd C. Miller
27963e39f3 Pass "make spell" with updated codespell. 2024-04-29 09:19:52 -06:00
Todd C. Miller
b6175b78ad Remove EVLOG_JSON, callers must use EVLOG_JSON_COMPACT or EVLOG_JSON_PRETTY 2024-03-09 11:42:07 -07:00
Todd C. Miller
46e31a74d7 Add "json_pretty" log format, currently the same as "json". 
In a future version, "json" will be an alias for "json_compact"
instead.  GitHub issue #357.
 2024-03-09 10:59:54 -07:00
Todd C. Miller
1debad3bec Add json_compact log type for compact/minified JSON. 
The "json_compact" log type logs one event per line in compact/minified
JSON format.  GitHub issue #357.
 2024-03-08 16:31:39 -07:00
Todd C. Miller
81acb2bd7b Regenerate dependencies 2024-02-21 13:17:54 -07:00
Todd C. Miller
3944ab1fbe Use $(CPP) instead if $(CC) -E when buiding .i files from .c. 2024-02-21 12:31:50 -07:00
Todd C. Miller
b9275b7eab Rename submit_time -> event_time in struct eventlog. 2023-11-23 09:08:04 -05:00
Todd C. Miller
3b891c136e fmt_info_messages: bump info_msgs_size for submitenv 2023-11-02 13:57:18 -06:00
Todd C. Miller
31bcdec232 Set the open file descriptor limit to the maximum allowed value. 
Each connection can require up to 9 descriptors.
 2023-10-27 11:17:32 -06:00
Todd C. Miller
3bbc7c8f85 Store submitenv in eventlog and pass it to sudo_logsrvd. 2023-10-22 08:36:44 -06:00
Todd C. Miller
726b646b48 struct eventlog: rename argv/env to runargv/runenv. 
This matches the JSON logs.
 2023-10-21 19:15:46 -06:00
Todd C. Miller
09a4264372 logsrvd: display error string in message if iolog_mkpath() fails 2023-10-19 14:39:13 -06:00
Todd C. Miller
14d514e5ac Avoid using %zu or %zd with printf() and fprintf(). 
This prevents problems on systems where the system printf(3) is not
C99-compliant.  We use our own snprintf() on such systems so that
is safe.
 2023-10-17 20:14:53 -06:00
Rose
e095069d2a Prefer fputs over fprintf where possible 
fprintf does extra work and meant for formatting strings.
 2023-10-15 10:28:57 -06:00
Todd C. Miller
1398289fab Add casts when storing values in a struct timespec. 
Fixes -Wconversion warnings on some 32-bit systems where time_t is
still 32-bit.
 2023-09-27 15:11:10 -06:00
Todd C. Miller
e343e07543 Use #include <foo.h> instead of #include "foo.h" in most cases. 
We rely on the include path to find many of these headers.  It
especially doesn't make sense to use #include "foo.h" for headers
in the top-level include directory.
 2023-09-25 10:13:28 -06:00
Todd C. Miller
cc15f847ac Bump info_msgs_size to make room for the source. 2023-08-09 16:14:52 -06:00
Todd C. Miller
0b03511b85 Log source in JSON logs 
This makes it possible to tell which rule resulted in a match.
 2023-08-08 09:56:19 -06:00
Todd C. Miller
1e6c5f3e79 Fix checking of SSL_{read,write}_ex() return value. 
These have a boolean-style return value.  However, our emulated
versions can return -1 on error, which we need to preserve for older
versions of SSL_get_error() which expect it.
 2023-08-08 10:18:57 -06:00
Todd C. Miller
184e03b4a9 ERR_get_error() returns unsigned long, not int. 2023-08-07 08:05:00 -06:00
Todd C. Miller
d6d467b92e Add implementation of SSL_read_ex/SSL_write_ex for those without. 2023-08-05 10:38:02 -06:00
Todd C. Miller
e6d14c95b6 Use SSL_read_ex() and SSL_write_ex() instead of SSL_read() and SSL_write(). 2023-08-05 10:38:01 -06:00
Todd C. Miller
2eee45ef96 evlog_new: store a new copy of peeraddr, not a pointer to a buffer. 
Starting in sudo 1.9.14, eventlog_free() will free the peeraddr
member too so it needs to be dynamically allocated.
 2023-07-11 13:51:16 -06:00
Rose
5d758264ab Give every printf-like function restrict qualifiers 
The format value has to be a string literal, every time.

Otherwise, you are not using these functions correctly. To reinforce this fact, I putrestrict over every non-contrib example of this I could find.
 2023-07-07 20:23:20 -04:00
Todd C. Miller
4891f37a45 sudo_logsrvd: silence most -Wconversion warnings. 2023-07-07 15:07:04 -06:00
Todd C. Miller
f6d1542416 Move display of usage text into display_usage() so usage() always exits. 2023-07-04 19:47:28 -06:00
Todd C. Miller
1f0f6b7c78 Fix some indentation. 2023-07-04 18:03:47 -06:00
Rose
732110428e Fix fuzzing errors 
We should be checking for integer overflow, rather than checking if size is 0.

Additionally, we should set errno to ENOMEM when this overflow happens.

Finally, the most efficient implementation of the round-up-to-2 algorithm involves the clz intrinsic.
 2023-07-03 22:20:05 -04:00
Todd C. Miller
e95bd883d7 Promote length/size/offset in struct connection_buffer to size_t. 2023-07-03 17:02:24 -06:00
Todd C. Miller
56a431f7ea Make sudo_pow2_roundup() operate on size_t. 2023-07-03 16:51:05 -06:00
Rose
45fdfa18f1 Mark functions not returning as sudo_noreturn 
We also put NOTREACHED where it applies.
 2023-07-01 17:40:16 -04:00
Todd C. Miller
f437c66a2a
Merge pull request #265 from AtariDreams/types 
Avoid compiler casting warnings by assigning to variables of the same type where possible
 2023-06-29 10:06:30 -06:00
Rose
2c13d7130c We should be returning 0, not 1, when logservd finishes without errors 
1 is for failure, 0 is for no failure, and this does not look like a failure.
 2023-06-28 17:27:13 -04:00
Rose
e54ba33ea0 Avoid compiler casting warnings by assigning to the same type where possible 
This saves instructions that are related to casting as well as compiler warnings.
 2023-06-28 17:25:26 -04:00
Todd C. Miller
d4c6ef1222 Add adminconfdir and --enable-adminconf to set it. 
Configuration paths in sudo are now a colon-separated list of files
with the adminconfdir instance first (if enabled), followed by a
sysconfdir instance.
 2023-05-02 10:37:39 -06:00
Todd C. Miller
4363d03ef7 Convert config file paths to colon-separated path list. 
This means that _PATH_SUDO_CONF, _PATH_SUDOERS, _PATH_SUDO_LOGSRVD_CONF,
and _PATH_CVTSUDOERS_CONF can now specify multiple files.  The first
file that exists is used.
 2023-05-02 10:37:38 -06:00
Todd C. Miller
978aa90021 No longer need to set AI_NUMERICSERV while fuzzing. 
Now that getaddrinfo() is stubbed out while fuzzing we can remove
the hack that set AI_NUMERICSERV.
 2023-04-28 13:26:53 -06:00
Todd C. Miller
d1f2452c08 getaddrinfo stub: set sin_port 2023-04-26 16:27:34 -06:00
Todd C. Miller
2898c85119 Avoid NULL deref in stub getaddrinfo() when nodename is NULL. 
Also add support for parsing servname.  We only need to support a
subset of getaddrinfo() functionality in the fuzzer.
 2023-04-26 13:23:31 -06:00
Todd C. Miller
47ae92d034 Include arpa/inet.h for inet_pton() prototype. 2023-04-25 13:22:02 -06:00
Todd C. Miller
3d4dc19ecd Add netdb.h for struct addrinfo and EAI_* error codes. 2023-04-25 13:15:55 -06:00
Todd C. Miller
64f6d6fdbc Stub out getaddrinfo() and freeaddrinfo(). 
We may not be able have access to DNS in the fuzzing environment.
 2023-04-25 13:06:24 -06:00
Todd C. Miller
b013711e48 Check for sudo_pow2_roundup() overflow. 
Calling sudo_pow2_roundup(INT_MAX+2) will return since there is no
power of 2 larger than INT_MAX+1 that fits in an unsigned int.
This is not an issue in practice since we restrict messages to 2Mib.
 2023-03-01 13:58:32 -07:00