mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-30 05:48:18 +00:00
Code Issues Releases Wiki Activity
13,161 Commits 6 Branches 326 Tags
Commit Graph

13161 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
df969d30b4 Silence a few remaining -Wconversion warnings. 2023-08-23 14:56:50 -06:00
Todd C. Miller
522ac12f21 No need to inclue auth/sudo_auth.h 2023-08-23 14:27:19 -06:00
Todd C. Miller
18aba49843 --enable-pvs-studio: check for license file in the default location 2023-08-23 09:56:39 -06:00
ken
60e5842014
modify ret type from int to bool (#298) 
* modify ret type from int to bool

* change debug_return_int to debug_return_bool

* modify ret type
 2023-08-23 08:37:09 -06:00
Todd C. Miller
091051125b Move timestampowner sudoers callback to timestamp.c. 2023-08-22 17:04:08 -06:00
Todd C. Miller
593998cb62 Quiet a PVS-Studio false positive about possible NULL dereference. 
set_perms() is only called with a NULL ctx for PERM_ROOT, PERM_SUDOERS
and PERM_TIMESTAMP.
 2023-08-22 09:58:05 -06:00
Todd C. Miller
821799d1f4 set_perms: ctx may be NULL for PERM_ROOT, PERM_SUDOERS, PERM_TIMESTAMP. 2023-08-21 16:53:35 -06:00
Todd C. Miller
c7157ce0b1 Move a few fields from sudoers_user_contect to sudoers_context. 
They are not really specific to the user or user-specified.
 2023-08-21 15:30:12 -06:00
Todd C. Miller
9aaba80a04 Remove dead code dealing with unknown user and MODE_INVALIDATE. 
The timestamp unlink code does not need the user's struct passwd
pointer, just the user name (which we already have).  Found by
PVS-Studio.
 2023-08-21 13:21:51 -06:00
Todd C. Miller
df730dec5d Suppress some other PVS-Studio false positives. 2023-08-21 13:21:49 -06:00
Todd C. Miller
49cd7463c5 Quiet a PVS-Studio false positive about possible NULL dereference. 
set_perms() is only called with a NULL ctx for PERM_ROOT, PERM_SUDOERS
and PERM_TIMESTAMP.
 2023-08-21 13:19:10 -06:00
Todd C. Miller
8161205447 MODE_KILL is never set in the sudoers plugin, remove it. 2023-08-21 12:52:21 -06:00
Todd C. Miller
c6987aa26e Cast int to size_t before adding instead of casting the result. 
Quiets PVS-Studio warning V1028.
 2023-08-21 12:50:31 -06:00
Todd C. Miller
9f05bfd298 Fix log_server_accept() definition for --disable-log-client builds. 2023-08-21 11:35:23 -06:00
Todd C. Miller
e933fc7ba3 Use a global static struct exec_closure for the cleanup hook. 
This is safer than storing a pointer to a stack variable in the
cleanup function since we don't need to worry about it ever going
out of scope.  Quiets a clang 15 analyzer warning.
 2023-08-21 10:47:34 -06:00
Todd C. Miller
6fa4786534 Plug memory leak if journal_parse_error() fails. 
Found by the clang 15 analyzer.
 2023-08-21 10:47:32 -06:00
Todd C. Miller
46e6955ba6 Eliminate some clang analyzer false positives. 2023-08-21 10:47:32 -06:00
Todd C. Miller
ff5914d7f7 Move sudoedit_nfiles into struct sudoers_context. 2023-08-21 10:47:25 -06:00
Todd C. Miller
3473bf9360 Move sudo_mode into struct sudoers_context. 2023-08-21 10:47:23 -06:00
Todd C. Miller
837da1bef0 Move NewArgv, NewArgc and saved_argv into struct sudoers_context. 2023-08-21 09:22:24 -06:00
Todd C. Miller
87571dab0a Add struct sudoers_conf to struct sudoers_plugin_context. 
There's now no need to pass this directly to init_parser() since we
already pass in a pointer to a sudoers_context struct.
 2023-08-21 09:21:54 -06:00
Todd C. Miller
9e53d903ea Store policy paths in struct sudoers_context. 
This removes the need for the getters in policy.c.
 2023-08-21 09:21:53 -06:00
Todd C. Miller
bbaf293912 Add sudoers_ctx_free() and use it for freeing struct sudoers context. 
This replaces sudoers_user_ctx_free() and sudoers_runas_ctx_free().
 2023-08-21 09:21:52 -06:00
Todd C. Miller
2440174954 Make struct sudoers_context private to sudoers.c. 
We now pass a pointer to the context where necessary.  There are a
few cases where we need to request the context from sudoers via
sudoers_get_context() for the plugin API functions.  If the plugin
API was able to pass around a closure pointer this would not be
necessary.
 2023-08-21 09:21:49 -06:00
Todd C. Miller
2d2529a15e Add a sudoers_context struct that embeds the user and runas structs. 2023-08-20 16:27:08 -06:00
Todd C. Miller
1b9fb405a3 free_parse_tree: clear the nss pointer when freeing. 2023-08-18 12:24:00 -06:00
Todd C. Miller
a712af5a26 sudoers_parse_ldif: do not free parse_tree before using 
The user is expected to pass in an initialized and empty parse_tree
so there is no need to free it first.
 2023-08-18 12:22:43 -06:00
Todd C. Miller
902453a829 Update embedded copy of zlib to version 1.3. 2023-08-18 11:26:27 -06:00
Todd C. Miller
cb01b90a5c We still need to clamp ngids if getgrouplist2() returns -1. 
Otherwise, we end up with ngids set to the number of gids the user
belongs to which may be larger than what the front-end specified.
Fixes a regression introduced in the last commit here.
 2023-08-15 08:52:02 -06:00
Todd C. Miller
f17aebe6aa No need to clear errno when using sudo_strtonum(). 2023-08-14 16:29:47 -06:00
Todd C. Miller
20baa39007 Move max_groups out of sudoers_user_context and into pwutil.c. 
It is only used by the local password pwutil implementation.
 2023-08-14 16:29:15 -06:00
Todd C. Miller
737354390c Pass in directory to check_user_runchroot() and check_user_runcwd(). 
This way we do not rely on the runas_ctx global.
 2023-08-14 13:25:13 -06:00
Todd C. Miller
2e8648ea0f check_exptilde: don't need runas_ctx here 2023-08-14 12:37:44 -06:00
Todd C. Miller
08afb5183f Move RUNAS_{USER,GROUP}_SPECIFIED flags into struct sudoers_runas_context. 2023-08-14 09:01:39 -06:00
Todd C. Miller
392f0d61cb Make path_plugin_dir private to policy.c and add getter. 2023-08-13 17:05:00 -06:00
Todd C. Miller
217b7b46f3 Move list_pw global into struct runas_context. 2023-08-13 09:34:57 -06:00
Todd C. Miller
a321e6cedf Add struct sudoers_runas_context and move runas-specific bits into it. 2023-08-12 14:20:30 -06:00
Todd C. Miller
d8b28dad97 Expand the user_* (and more) macros to user_ctx.foo. 2023-08-12 10:39:59 -06:00
Todd C. Miller
930ca00252 Pass explicit struct passwd * to create_admin_success_flag(). 2023-08-12 10:39:49 -06:00
Todd C. Miller
30c49288f7 Make sudoers_user_ctx_free() private to sudoers.c 2023-08-12 10:39:48 -06:00
Todd C. Miller
bd8cccb5dd Rename struct sudo_user -> struct sudo_user_context. 
Also rename the sudo_user global to user_ctx.
 2023-08-12 10:39:47 -06:00
Todd C. Miller
d148e7d8f9 fd_matches_tty: only zero out fd_sb if fstat(2) fails. 
We need to preserve the contents of the struct stat if the fd is
some other type so the check for piped output works correctly.
Bug #1057
 2023-08-12 10:39:33 -06:00
Todd C. Miller
6f659e2deb Leave the I/O log callbacks in iolog.c 
Otherwise, check_iolog_plugin will not link.
 2023-08-10 16:20:18 -06:00
Todd C. Miller
603148e7f2 Move sudoers parser callbacks to callbacks.c. 2023-08-10 15:49:30 -06:00
Todd C. Miller
cc15f847ac Bump info_msgs_size to make room for the source. 2023-08-09 16:14:52 -06:00
Todd C. Miller
ee5cab977f Update Xcode version from 13.2.1 to 13.4.1. 2023-08-09 13:54:16 -06:00
Todd C. Miller
811051d32a Use int, not short for events in the event API. 
This fixes some -Wconversion warnings and fixes an inconsistency
between the libsudo_util event API and the plugin event API.  The
actual struct internals still use shorts to avoid changing the ABI.
 2023-08-09 13:22:12 -06:00
Todd C. Miller
0f2e5dae90 Use const pointers where possible in the display code. 2023-08-09 11:19:17 -06:00
Todd C. Miller
6842dd1bfd Document "sudo -ll command" output. 2023-08-09 10:57:16 -06:00
Todd C. Miller
60eef27e6d Add verbose version of "sudo -l command" by using an extra -l. 
The output of "sudo -ll command" consists of the matching sudoers
rule (in long form) with the addition of a "Matched" entry that
shows the fully-qualfied path along with any arguments.
 2023-08-09 10:16:10 -06:00