Also check that "hg --version" or "git --version" works before using
hg or git. Bug #1043.

If a user's sudoers entry did not have any RunAs user's set, running
"sudo -U otheruser -l" would...

Lock the socket dir to avoid races in open_persistent_connection().
Also avoid using "ssh -f" sin...

If a function is not found, check again with "-lsocket", "-linet",
"-lsocket -lnsl", or "-lresolv...

We do not need to call AC_CACHE_VAL() to ensure that a variable is
cached, its name just needs to...

We don't use the NROFFPROG or MANDOCPROG any longer so no need
to set those.

Also move the PVS-Studio.cfg generation to sudo.m4.

[snprintf] Check for '\0' to prevent undef memory read

In practice this means we must use "sudo_noreturn static foo(void)"
instead of "static sudo_noret...

Run tests in a pty so check_ttyname works as expected.
Explicitly set short command line options ...

If the C23 attributes are not supported, use gcc-style attributes
where possible.

Use AX_APPEND_FLAG instead of addind to CFLAGS directly.

This is not included in the release tarball because it is of limited
use to other people.

This avoids any limit on the size of argv.

check_syntax(): Remove duplicate calls to init_defaults()

Once upon a time, command_info was a stack variable, now it is
dynamically allocated. Coverity C...

This restores the previous behavior.

Quiets warnings from Infer.

This should not be needed since we only use the returned pointer
if it is larger than the string ...

Fixes a potential resource leak that currently cannot happen.
Quiets a warning from Infer.

Previously, we just compared the error code with LDAP_NO_MEMORY
when checking for sudoOrder since...

This makes the "stayopen" semantics match the system passwd/group
functions. The getpwent/getgre...

While /usr/bin/cc _is_ clang on those platforms, some static analyzers
get confused if we don't r...

sudo_rcstr_dup: Fix potential NULL pointer deref

This line is only displayed when the pwfeedback option is disabled.
GitHub issue #195.

Fix some typos

intercept_read: Print and then return.

sudo_mmap_strdup_v1: Fix potential NULL pointer deref

Only the array was being freed, not the contents.
GitHub issue #202.

Fix memory leak of pass in converse().

GitHub issue #201

Also remove duplicate checks for arc4random() and getentropy().

Completely untested.

We only use it in the Linux-specific getentropy() emulation code.

Remove AC_SYS_POSIX_TERMIOS, AC_TYPE_MODE_T, AC_TYPE_UID_T.
Add missing checks for int16_t, uint1...

GitHub issue #198.

Use a pattern to find it (if present) and use that value instead
of hard-coding C.UTF-8. This wo...

In role_to_sudoers() when merging a privilege to the previous one
where the runas lists are the s...

This includes a test to exercise the fix in PR #196.

Without this set the fuzzer will not exercise the dn parsing.

The NT_PRSTATUS define is present in both files.

If run with address sanitizer, this test will crash when the fix
in ceaf706ab74b is reverted.

Prevent cvtsudoers from reading into undefined memory

Saves an unnecessary getpid(2) call.

If sudo is not the process group leader we must only send the suspend
signal to sudo itself. Whe...

When sudo runs a command in the user's existing terminal the command
is run in the same process g...

We need to forward signals from a process in the same pgrp if the
pgrp leader is not either sudo ...

Fixes a problem for intercept_method=trace when running a relative
command from a different direc...

This makes it easier to match against the MODE_ defines.