The purpose of set_cmnd_path() is to reset user_cmnd based on a new
runchroot. For the stub vers...

The gids are formatted as strings, not gid_t.

Also match parsed policy against multiple users.

The fuzzer now exercised the normal match code as well as the
pseudo-command (list, validate, etc...

This avoids the test environment from influencing sudoers matching.

It is possible to specify the member name in parens after the path,
e.g. sudoers.a(shr.o) for 32-...

The FUZZ_DESTDIR make variable needs to be set in the environment
or on the command line.

We need a separate open/close for each one.

This allows for disabling -fstack-protector without turning off the
other hardening options.

Note that we don't use ferror() here since our getdelim() has no
way to set the error flag if the...

Reproduces Bug #960.

This makes it easier for log parsers to identify what is a sudo log entry.

The fuzzers run as part of "make check" too in which case NO_LEAKS
won't be defined and the close...

We can't rely on printf("%s", NULL) not crashing.

Our getdelim(3) emulation won't set the error flag if the error is
due to an allocation failure. ...

Fixes excessive memory allocations for long lines. Bug #960.

It is now possible to disable the Ubuntu admin flag in sudoers
or change its location.
GitHub iss...

The '/' separator was missing in the resulting path.

The max_groups setting should no longer be needed anyway.

If we didn't call sudoers_policy_main() due to an early error there
may be more things to clean up.

The checks are now performed in the check_policy, list, validate
and invalidate functions instead...

Instead of setting user_cmnd in the policy functions, always set argv.
Calling sudoers_policy_mai...

The sudoers close() function is now called even for "sudo -k".
Also no need to set user_cmnd, it ...

Also, do not NULL out the close function if NO_LEAKS is defined.

This way we avoid files generated by the fuzzer itself.

https://google.github.io/oss-fuzz/getting-started/continuous-integration/

The ngroups parameter is an out parameter that is filled in with
the actual number of groups, whi...

This is only needed when calling sudoers_policy_deserialize_info()
more than once, which is true ...

This one was missed when the other user/group lookup functions
were fixed.

Includes a test case to reproduce CVE-2021-3156.

We really want a dependency on $(LIB_FUZZING_ENGINE) but that could
be a flag like "-fsanitize=fu...

Now that audit.c contains the audit module it doesn't belong in
libparsesudoers.

GitHub issue #92

libsudo_iolog.la already depends on libsudo_util.la and libsudo_eventlog.la
so we don't need to l...

Unlike POSIX basename(3), the GNU variant does not modify its argument.
Note that basename of a p...

On Illumos at least it returns a value other than 1.

We should assume that the contents of buf are undefined when getdelim(3)
returns -1. We now peek...

AIX and Illumos appear to have this behavior. We now preserve the
first character of the buffer ...

The default sudoers uses @includedir which can result in different
output, depending on the permi...

The parser will use that when reporting on an ERROR state. This
prevents the lexer from reportin...

This is still the best way to avoid displaying more than one error
per line.

This will allow the fuzzers to be run as part of "make check".

These will allow the fuzzers to be built as part of oss-fuzz.

It is not possible to set the sanitizer flags at configure time.

Uses a stub to make it possible to link w/o libfuzzer.
The goal is to ensure the fuzzers are alwa...

No longer need to link against libsudo_eventlog.la in sudoers.

Previously we didn't require the comma to be there.