mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-28 12:57:50 +00:00
Code Issues Releases Wiki Activity
12,536 Commits 6 Branches 326 Tags
Commit Graph

53 Commits

Author SHA1 Message Date
Todd C. Miller
f6a9bb2e23 Use a single callback for sudoers_lookup() and add a closure pointer. 
The single callback now receives all the match info (or UNSPEC if
no match was attempted).  This makes it possible to use the callback
for more than just printing testsudoers output.
 2023-08-07 15:06:19 -06:00
Todd C. Miller
cbcb1d2506 sudoers plugin: make more bit flags unsigned. 2023-07-10 11:06:23 -06:00
Rose
5d758264ab Give every printf-like function restrict qualifiers 
The format value has to be a string literal, every time.

Otherwise, you are not using these functions correctly. To reinforce this fact, I putrestrict over every non-contrib example of this I could find.
 2023-07-07 20:23:20 -04:00
Todd C. Miller
a38b714667 sudoers plugin: silence most -Wconversion warnings. 2023-07-07 15:07:04 -06:00
Todd C. Miller
01ad570e24 Move check_user_* functions to check_util.c so testsudoers can use them. 2023-06-30 10:43:18 -06:00
Todd C. Miller
e025cca440 Add callbacks to sudoers_lookup() so we can use it in testsudoers. 
Also pass in the time to be used for NOTBEFORE/NOTAFTER checks.
 2023-06-29 17:30:39 -06:00
Rose
e54ba33ea0 Avoid compiler casting warnings by assigning to the same type where possible 
This saves instructions that are related to casting as well as compiler warnings.
 2023-06-28 17:25:26 -04:00
Todd C. Miller
d5de5890f5 Make login_style private to bsdauth.c 
Add a setter for policy.c to handle auth_type from the front-end.
 2023-05-04 13:06:09 -06:00
Todd C. Miller
d1f2452c08 getaddrinfo stub: set sin_port 2023-04-26 16:27:34 -06:00
Todd C. Miller
2898c85119 Avoid NULL deref in stub getaddrinfo() when nodename is NULL. 
Also add support for parsing servname.  We only need to support a
subset of getaddrinfo() functionality in the fuzzer.
 2023-04-26 13:23:31 -06:00
Todd C. Miller
4b563ea44f Pass around const struct sudo_nss pointers where possible. 2023-03-17 13:41:38 -06:00
Todd C. Miller
c76ac1cab3 sudoers_cleanup: free cached environment before running g/c. 
Avoids a double free in fuzz_policy.
 2023-03-10 15:23:48 -07:00
Todd C. Miller
bff4e3ce16 set_cmnd_path: apply runchroot if set when finding the command path 
Previously we would prepend runchroot to the path we were checking
but that does not properly handle symbolic links.
 2023-02-21 13:24:33 -07:00
Todd C. Miller
3c9c8668c1 Avoid compilation errors if getaddrinfo() or freeaddrinfo() are macros. 
If this is the case we probably can't stub out the functions but
at least the fuzzer will compile.
 2023-01-31 13:33:59 -07:00
Todd C. Miller
91d7592e8a Use initprogname(), not setprogname() in the fuzzers. 
This results in better coverage for progname.c.
 2022-12-29 15:52:21 -07:00
Todd C. Miller
bca945f074 The contents of the env_add array should not include the leading "env=" prefix. 
The previous fix for this was incomplete.
 2022-12-28 09:25:41 -07:00
Todd C. Miller
e7b7fbaf6e Increase the realloc increment from 128 to 1024. 
The contents of the env_add array should not include the leading
"env=" prefix.
 2022-07-09 09:02:25 -06:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
f5ac1317c4 Make sudo pass -Wmissing-prototypes 2022-06-27 12:48:03 -06:00
Todd C. Miller
e5a50ae429 If there are multiple parse errors, send them in a single mail message. 2022-03-14 13:54:11 -06:00
Todd C. Miller
65e5b89f1d Pass file, line and column to sudoers defaults callbacks. 2022-03-10 13:35:58 -07:00
Todd C. Miller
d7ddff2a31 Add a hook for sudoers parse errors (including defaults and aliases). 
The hook can be used to log parser errors (sudoers module) or keep
track of which files have an error (visudo).
Previously, we only kept track of a single parse error.
 2022-03-10 13:30:56 -07:00
Todd C. Miller
6ec279532e Add a source to struct sudo_nss and use it if getdefs() fails. 
Also remove useless "Problem with defaults entries" warning in testsudoers.
 2022-03-09 12:38:25 -07:00
Todd C. Miller
41bc52302b Do not disable fuzzer output if SUDO_FUZZ_VERBOSE env variable is set. 2022-02-22 12:04:10 -07:00
Todd C. Miller
86f123cd9d Pass the operator to the Defaults callback too. 
That way we can tell what to do in callbacks for lists.
 2022-01-28 08:52:41 -07:00
Todd C. Miller
eefb7b0d54 Use a consistent version of fuzz_conversation() with all fuzzers. 
Also undo a change to fuzz_sudoers.c that snuck in to the last commit.
 2021-09-28 20:20:28 -06:00
Todd C. Miller
7d964875df Fuzzers should not produce output. 
Excessive output makes the fuzzer runs much less efficient.
 2021-09-28 18:53:49 -06:00
Todd C. Miller
132936f8f0 Make it possible to call the sudoers policy check function multiple times. 
We need to reset the Defaults values to their original state.
 2021-08-09 15:50:25 -06:00
Todd C. Miller
532e00aa2b Only replace getaddrinfo for FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION. 
This works around an issue on SCO which uses inline functions in
the header files which call the actual, versioned, library function.
 2021-07-26 11:39:41 -06:00
Todd C. Miller
17a415ae77 Add log_exit_status sudoers option to log when a command exits. 
This option defaults to off.
 2021-07-09 11:08:44 -06:00
Todd C. Miller
95bfd65fec Flush stdout before successful return from LLVMFuzzerTestOneInput(). 
Fixes a problem with diag lines from libFuzzer being interspersed
with test output.
 2021-03-18 13:08:30 -06:00
Todd C. Miller
4a28b5d587 In find_path() stub only make a copy in outfile if returning FOUND. 
Fixed a recently-introduced memory leak in the fuzzer.
 2021-03-01 07:22:57 -07:00
Todd C. Miller
0c944576e9 Expand stub getaddrinfo() to resolve "localhost". 2021-02-28 19:52:02 -07:00
Todd C. Miller
cfcbc42ec7 Improve fuzz_policy coverage and set defaults in setdefs not parse. 
Now exercises session open/close and set additional defaults to
exercise more code paths.
 2021-02-28 19:52:01 -07:00
Todd C. Miller
3fc5932be0 Add a stub getaddrinfo(3) to avoid a DNS timeout in CIfuzz. 2021-02-25 21:12:03 -07:00
Todd C. Miller
8b545e561c Fix runchroot, runcwd, tty_tickets. Add timestampowner. 2021-02-25 20:06:35 -07:00
Todd C. Miller
d75db837bd Add some defaults settings in sudo_file_parse(). 
We don't have a real policy file but we still want to exercise callbacks
in sudoers.c.
 2021-02-25 19:40:46 -07:00
Todd C. Miller
65df01dd71 Add more passes to policy fuzzer 
Now execises list, list other user and show_version.
 2021-02-25 15:27:46 -07:00
Todd C. Miller
b3b80fe6df Implement sudoers_policy_deregister_hooks() 
Register/deregister hooks in fuzz_policy and also call show_version().
 2021-02-25 15:02:09 -07:00
Todd C. Miller
e6dc13229f Add sudoers debug register/deregister. 2021-02-25 13:35:29 -07:00
Todd C. Miller
05767145b3 Add fuzzer-specific stubs source file. 2021-02-24 16:43:59 -07:00
Todd C. Miller
a3f38fac0c Set program name in fuzzers so we get consisten warnings. 2021-02-24 15:14:58 -07:00
Todd C. Miller
9d27880af8 Use real eventlog config fuctions instead of stubs. 2021-02-24 15:08:53 -07:00
Todd C. Miller
f35d9c8be1 fuzz_printf and fuzz_conversation can be stubs. 2021-02-24 11:31:43 -07:00
Todd C. Miller
d02cc9c3ac Call list, validate and invalidate entry points too. 
We need a separate open/close for each one.
 2021-02-18 15:09:26 -07:00
Todd C. Miller
f76c59fc8f Restore the check for sudoers_policy.close == NULL. 
The fuzzers run as part of "make check" too in which case NO_LEAKS
won't be defined and the close function will be set to NULL.
 2021-02-18 07:58:34 -07:00
Todd C. Miller
ae3a098d2f Always dynamically allocate user_cmnd, it is freed in sudo_user_free(). 
Instead of setting user_cmnd in the policy functions, always set argv.
Calling sudoers_policy_main() with argc of 0 is no longer allowed.
 2021-02-16 09:32:34 -07:00
Todd C. Miller
52e3fcc795 Free struct sudo_user in sudoers_policy_close() and sudoers_cleanup(). 
Also, do not NULL out the close function if NO_LEAKS is defined.
 2021-02-15 08:29:47 -07:00
Todd C. Miller
7f3c670a13 Fix sudoers garbage collection and run it in policy fuzzer. 2021-02-14 14:01:31 -07:00
Todd C. Miller
561740cd54 Always dynamically allocate user_role, user_type, user_privs, user_limitprivs 2021-02-14 07:47:48 -07:00