Merge sudo 1.9.16p2 from tip.

--HG-- branch : 1.9
sudo-project · Nov 25, 2024 · 172cbd9 · 172cbd9
2 parents 1fbc146 + 73cbe4e
commit 172cbd9
Show file tree

Hide file tree

Showing 17 changed files with 134 additions and 65 deletions.
diff --git a/NEWS b/NEWS
@@ -1,3 +1,18 @@
+What's new in Sudo 1.9.16p2
+
+ * Sudo now passes the terminal device number to the policy plugin
+   even if it cannot resolve it to a path name.  This allows sudo
+   to run without warnings in a chroot jail when the terminal device
+   files are not present. GitHub issue #421.
+
+ * On Linux systems, sudo will now attempt to use the symbolic links
+   in /proc/self/fd/{0,1,2} when resolving the terminal device
+   number.  This can allow sudo to map a terminal device to its
+   path name even when /dev/pts is not mounted in a chroot jail.
+
+ * Fixed compilation errors with gcc and clang in C23 mode.
+   C23 no longer supports functions with unspecified arguments.
+
 What's new in Sudo 1.9.16p1
 
  * Fixed the test for cross-compiling when checking for C99 snprintf().

diff --git a/configure b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.72 for sudo 1.9.16p1.
+# Generated by GNU Autoconf 2.72 for sudo 1.9.16p2.
 #
 # Report bugs to <https://bugzilla.sudo.ws/>.
 #
@@ -614,8 +614,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='sudo'
 PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.9.16p1'
-PACKAGE_STRING='sudo 1.9.16p1'
+PACKAGE_VERSION='1.9.16p2'
+PACKAGE_STRING='sudo 1.9.16p2'
 PACKAGE_BUGREPORT='https://bugzilla.sudo.ws/'
 PACKAGE_URL=''
 
@@ -1645,7 +1645,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-'configure' configures sudo 1.9.16p1 to adapt to many kinds of systems.
+'configure' configures sudo 1.9.16p2 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1711,7 +1711,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of sudo 1.9.16p1:";;
+     short | recursive ) echo "Configuration of sudo 1.9.16p2:";;
    esac
   cat <<\_ACEOF
 
@@ -2006,7 +2006,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-sudo configure 1.9.16p1
+sudo configure 1.9.16p2
 generated by GNU Autoconf 2.72
 
 Copyright (C) 2023 Free Software Foundation, Inc.
@@ -2826,7 +2826,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by sudo $as_me 1.9.16p1, which was
+It was created by sudo $as_me 1.9.16p2, which was
 generated by GNU Autoconf 2.72.  Invocation command line was
 
   $ $0$ac_configure_args_raw
@@ -36774,7 +36774,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by sudo $as_me 1.9.16p1, which was
+This file was extended by sudo $as_me 1.9.16p2, which was
 generated by GNU Autoconf 2.72.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -36842,7 +36842,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config='$ac_cs_config_escaped'
 ac_cs_version="\\
-sudo config.status 1.9.16p1
+sudo config.status 1.9.16p2
 configured by $0, generated by GNU Autoconf 2.72,
   with options \\"\$ac_cs_config\\"
 

diff --git a/configure.ac b/configure.ac
@@ -18,7 +18,7 @@ dnl ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 dnl OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 dnl
 AC_PREREQ([2.69])
-AC_INIT([sudo], [1.9.16p1], [https://bugzilla.sudo.ws/], [sudo])
+AC_INIT([sudo], [1.9.16p2], [https://bugzilla.sudo.ws/], [sudo])
 AC_CONFIG_HEADERS([config.h pathnames.h])
 AC_CONFIG_SRCDIR([src/sudo.c])
 AC_CONFIG_AUX_DIR([scripts])

diff --git a/include/sudo_plugin.h b/include/sudo_plugin.h
@@ -96,7 +96,11 @@ typedef int (*sudo_printf_t)(int msg_type, const char * restrict fmt, ...);
 #endif
 
 /* Hook functions typedefs. */
+#if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 202311L)
+typedef int (*sudo_hook_fn_t)(...);
+#else
 typedef int (*sudo_hook_fn_t)();
+#endif
 typedef int (*sudo_hook_fn_setenv_t)(const char *name, const char *value, int overwrite, void *closure);
 typedef int (*sudo_hook_fn_putenv_t)(char *string, void *closure);
 typedef int (*sudo_hook_fn_getenv_t)(const char *name, char **value, void *closure);

diff --git a/lib/util/regress/parse_gids/parse_gids_test.c b/lib/util/regress/parse_gids/parse_gids_test.c
@@ -50,7 +50,7 @@ static struct parse_gids_test test_data[] = {
     { "1,2,3,4", &test_data[0].basegid, 0, 5, test1_out },
     { "1,2,3,4", NULL, 0, 4, test2_out },
     { "1,-2,3,4", &test_data[2].basegid, 0, 5, test3_out },
-    { NULL, false, 0, 0, NULL }
+    { NULL, NULL, 0, 0, NULL }
 };
 
 static void

diff --git a/lib/util/setgroups.c b/lib/util/setgroups.c
@@ -50,7 +50,7 @@ sudo_setgroups_v1(int ngids, const GETGROUPS_T *gids)
 	if (maxgids == -1)
 	    maxgids = NGROUPS_MAX;
 	if (ngids > maxgids)
-	    ret = setgroups(maxgids, (GETGROUPS_T *)gids);
+	    ret = setgroups((int)maxgids, (GETGROUPS_T *)gids);
     }
     debug_return_int(ret);
 }
diff --git a/lib/util/ttyname_dev.c b/lib/util/ttyname_dev.c
@@ -253,11 +253,39 @@ char *
 sudo_ttyname_dev_v1(dev_t rdev, char *buf, size_t buflen)
 {
     const char *devsearch, *devsearch_end;
-    char path[PATH_MAX], *ret;
+    char path[PATH_MAX], *ret = NULL;
     const char *cp, *ep;
     size_t len;
     debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL);
 
+#ifdef __linux__
+    /*
+     * First check std{in,out,err} and use /proc/self/fd/{0,1,2} if possible.
+     */
+    for (int fd = STDIN_FILENO; fd <= STDERR_FILENO; fd++) {
+	char fdpath[] = "/proc/self/fd/N";
+	struct stat sb;
+
+	if (fstat(fd, &sb) == -1 || !S_ISCHR(sb.st_mode))
+	    continue;
+	if (rdev != sb.st_rdev)
+	    continue;
+
+	fdpath[sizeof("/proc/self/fd/N") - 2] = '0' + fd;
+	len = readlink(fdpath, buf, buflen);
+	if (len != (size_t)-1) {
+	    if (len == buflen) {
+		errno = ERANGE;	/* buf too small */
+	    } else {
+		/* readlink(2) does not NUL-terminate. */
+		buf[len] = '\0';
+		ret = buf;
+	    }
+	    goto done;
+	}
+    }
+#endif
+
     /*
      * First, check /dev/console.
      */

diff --git a/plugins/sudoers/cvtsudoers_ldif.c b/plugins/sudoers/cvtsudoers_ldif.c
@@ -204,7 +204,7 @@ print_global_defaults_ldif(FILE *fp,
 	    lbuf.len = 0;
 	    if (!sudo_lbuf_append(&lbuf, "# "))
 		goto done;
-	    if (!sudoers_format_default_line(&lbuf, parse_tree, opt, false, true))
+	    if (!sudoers_format_default_line(&lbuf, parse_tree, opt, NULL, true))
 		goto done;
 	    fprintf(fp, "# Unable to translate %s:%d:%d:\n%s\n",
 		opt->file, opt->line, opt->column, lbuf.buf);

diff --git a/plugins/sudoers/cvtsudoers_pwutil.c b/plugins/sudoers/cvtsudoers_pwutil.c
@@ -403,7 +403,7 @@ cvtsudoers_make_grlist_item(const struct passwd *pw, char * const *unused1)
     struct cache_item_grlist *grlitem;
     struct sudoers_string *s;
     struct group_list *grlist;
-    size_t groupname_len;
+    long groupname_len;
     debug_decl(cvtsudoers_make_grlist_item, SUDOERS_DEBUG_NSS);
 
     /*
@@ -421,15 +421,17 @@ cvtsudoers_make_grlist_item(const struct passwd *pw, char * const *unused1)
     }
 
 #ifdef _SC_LOGIN_NAME_MAX
-    groupname_len = (size_t)MAX(sysconf(_SC_LOGIN_NAME_MAX), 32);
+    groupname_len = sysconf(_SC_LOGIN_NAME_MAX);
+    if (groupname_len < 32)
+	groupname_len = 32;
 #else
     groupname_len = MAX(LOGIN_NAME_MAX, 32);
 #endif
 
     /* Allocate in one big chunk for easy freeing. */
     nsize = strlen(pw->pw_name) + 1;
     total = sizeof(*grlitem) + nsize;
-    total += groupname_len * ngroups;
+    total += (size_t)groupname_len * ngroups;
 
 again:
     if ((grlitem = calloc(1, total)) == NULL) {
@@ -470,7 +472,7 @@ cvtsudoers_make_grlist_item(const struct passwd *pw, char * const *unused1)
 	}
 	len = strlen(s->str) + 1;
 	if ((size_t)(cp - (char *)grlitem) + len > total) {
-	    total += len + groupname_len;
+	    total += len + (size_t)groupname_len;
 	    free(grlitem);
 	    goto again;
 	}

diff --git a/plugins/sudoers/policy.c b/plugins/sudoers/policy.c
@@ -1358,10 +1358,10 @@ sudoers_policy_version(int verbose)
 }
 
 static struct sudo_hook sudoers_hooks[] = {
-    { SUDO_HOOK_VERSION, SUDO_HOOK_SETENV, sudoers_hook_setenv, NULL },
-    { SUDO_HOOK_VERSION, SUDO_HOOK_UNSETENV, sudoers_hook_unsetenv, NULL },
-    { SUDO_HOOK_VERSION, SUDO_HOOK_GETENV, sudoers_hook_getenv, NULL },
-    { SUDO_HOOK_VERSION, SUDO_HOOK_PUTENV, sudoers_hook_putenv, NULL },
+    { SUDO_HOOK_VERSION, SUDO_HOOK_SETENV, (sudo_hook_fn_t)sudoers_hook_setenv, NULL },
+    { SUDO_HOOK_VERSION, SUDO_HOOK_UNSETENV, (sudo_hook_fn_t)sudoers_hook_unsetenv, NULL },
+    { SUDO_HOOK_VERSION, SUDO_HOOK_GETENV, (sudo_hook_fn_t)sudoers_hook_getenv, NULL },
+    { SUDO_HOOK_VERSION, SUDO_HOOK_PUTENV, (sudo_hook_fn_t)sudoers_hook_putenv, NULL },
     { 0, 0, NULL, NULL }
 };
 

diff --git a/plugins/sudoers/pwutil_impl.c b/plugins/sudoers/pwutil_impl.c
@@ -363,12 +363,13 @@ PREFIX(make_gidlist_item)(const struct passwd *pw, int ngids, GETGROUPS_T *gids,
 struct cache_item *
 PREFIX(make_grlist_item)(const struct passwd *pw, char * const *unused1)
 {
-    char *cp;
-    size_t groupname_len, len, ngroups, nsize, total;
+    size_t len, ngroups, nsize, total;
     struct cache_item_grlist *grlitem;
     struct group_list *grlist;
     struct gid_list *gidlist;
     struct group *grp = NULL;
+    long groupname_len;
+    char *cp;
     int i;
     debug_decl(sudo_make_grlist_item, SUDOERS_DEBUG_NSS);
 
@@ -381,7 +382,9 @@ PREFIX(make_grlist_item)(const struct passwd *pw, char * const *unused1)
     }
 
 #ifdef _SC_LOGIN_NAME_MAX
-    groupname_len = (size_t)MAX(sysconf(_SC_LOGIN_NAME_MAX), 32);
+    groupname_len = sysconf(_SC_LOGIN_NAME_MAX);
+    if (groupname_len < 32)
+	groupname_len = 32;
 #else
     groupname_len = MAX(LOGIN_NAME_MAX, 32);
 #endif
@@ -390,7 +393,7 @@ PREFIX(make_grlist_item)(const struct passwd *pw, char * const *unused1)
     nsize = strlen(pw->pw_name) + 1;
     total = sizeof(*grlitem) + nsize;
     total += sizeof(char *) * (size_t)gidlist->ngids;
-    total += groupname_len * (size_t)gidlist->ngids;
+    total += (size_t)(groupname_len * gidlist->ngids);
 
 again:
     if ((grlitem = calloc(1, total)) == NULL) {
@@ -429,7 +432,7 @@ PREFIX(make_grlist_item)(const struct passwd *pw, char * const *unused1)
 	if ((grp = sudo_getgrgid(gidlist->gids[i])) != NULL) {
 	    len = strlen(grp->gr_name) + 1;
 	    if ((size_t)(cp - (char *)grlitem) + len > total) {
-		total += len + groupname_len;
+		total += len + (size_t)groupname_len;
 		free(grlitem);
 		sudo_gr_delref(grp);
 		goto again;

diff --git a/plugins/sudoers/sudo_printf.c b/plugins/sudoers/sudo_printf.c
@@ -69,7 +69,7 @@ sudo_printf_int(int msg_type, const char * restrict fmt, ...)
 	    va_end(ap);
 	}
 	if (len != -1) {
-	    if (fwrite(buf, 1, len, ttyfp ? ttyfp : fp) == 0)
+	    if (fwrite(buf, 1, (size_t)len, ttyfp ? ttyfp : fp) == 0)
 		len = -1;
 	    if (buf != sbuf)
 		free(buf);

diff --git a/plugins/sudoers/sudoreplay.c b/plugins/sudoers/sudoreplay.c
@@ -1678,9 +1678,9 @@ read_keyboard(int fd, int what, void *v)
 static void
 display_usage(FILE *fp)
 {
-    fprintf(fp, _("usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"),
+    fprintf(fp, "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n",
 	getprogname());
-    fprintf(fp, _("usage: %s [-h] [-d dir] -l [search expression]\n"),
+    fprintf(fp, "usage: %s [-h] [-d dir] -l [search expression]\n",
 	getprogname());
 }
 

diff --git a/src/conversation.c b/src/conversation.c
@@ -219,7 +219,7 @@ sudo_conversation_printf(int msg_type, const char * restrict fmt, ...)
             va_end(ap);
         }
         if (len != -1) {
-            if (fwrite(buf, 1, len, ttyfp ? ttyfp : fp) == 0)
+            if (fwrite(buf, 1, (size_t)len, ttyfp ? ttyfp : fp) == 0)
                 len = -1;
             if (buf != sbuf)
                 free(buf);

diff --git a/src/hooks.c b/src/hooks.c
@@ -125,7 +125,7 @@ process_hooks_unsetenv(const char *name)
 /* Hook registration internals. */
 static int
 register_hook_internal(struct sudo_hook_list *head,
-    int (*hook_fn)(), void *closure)
+    sudo_hook_fn_t hook_fn, void *closure)
 {
     struct sudo_hook_entry *hook;
     debug_decl(register_hook_internal, SUDO_DEBUG_HOOKS);
@@ -185,7 +185,7 @@ register_hook(struct sudo_hook *hook)
 /* Hook deregistration internals. */
 static void
 deregister_hook_internal(struct sudo_hook_list *head,
-    int (*hook_fn)(), void *closure)
+    sudo_hook_fn_t hook_fn, void *closure)
 {
     struct sudo_hook_entry *hook, *prev = NULL;
     debug_decl(deregister_hook_internal, SUDO_DEBUG_HOOKS);

diff --git a/src/sudo.c b/src/sudo.c
@@ -622,10 +622,13 @@ get_user_info(struct user_details *ud)
     if (ttydev != (dev_t)-1) {
 	if (asprintf(&info[++i], "ttydev=%lld", (long long)ttydev) == -1)
 	    goto oom;
-	info[++i] = sudo_new_key_val("tty", path);
-	if (info[i] == NULL)
-	    goto oom;
-	ud->tty = info[i] + sizeof("tty=") - 1;
+	/* The terminal device file may be missing in a chroot() jail. */
+	if (path[0] != '\0') {
+	    info[++i] = sudo_new_key_val("tty", path);
+	    if (info[i] == NULL)
+		goto oom;
+	    ud->tty = info[i] + sizeof("tty=") - 1;
+	}
     } else {
 	/* tty may not always be present */
 	if (errno != ENOENT)