diff options
| author | Todd C. Miller <Todd.Miller@sudo.ws> | 2020-10-30 10:15:30 -0600 |
|---|---|---|
| committer | Todd C. Miller <Todd.Miller@sudo.ws> | 2020-10-30 10:15:30 -0600 |
| commit | 7b30bbe7fd530a323ad34e2999a2b16619e4514a (patch) | |
| tree | b4e70c03a210d45b8c71e57e9161eaec524e4802 | |
| parent | d94142ff8839dd43133b22d1027a35b5f2445772 (diff) | |
| download | sudo-7b30bbe7fd530a323ad34e2999a2b16619e4514a.tar.gz | |
Apply Google inclusive language guidelines.
Also replace backwards with backward.
52 files changed, 158 insertions, 160 deletions
@@ -22,7 +22,7 @@ work on translations can contact the appropriate team. =================== Some packages are "localizable" when properly installed; the programs -they contain can be made to speak your own native language. Most such +they contain can be made to speak your own local language. Most such packages use GNU 'gettext'. Other packages have their own ways to internationalization, predating GNU 'gettext'. @@ -852,11 +852,11 @@ Options that set runtime-changeable default values: Sudoers option: runas_default --with-secure-path[=PATH] - Path used for every command run from sudo(8). If you don't trust the - people running sudo to have a sane PATH environment variable you may - want to use this. Another use is if you want to have the "root path" - be separate from the "user path." You will need to customize the path - for your site. NOTE: this is not applied to users in the group + Path used for every command run from sudo(8). If you don't trust + users to have a reasonable PATH environment variable you may want + to use this. Another use is if you want to have the "root path" + be separate from the "user path." You will need to customize the + path for your site. NOTE: this is not applied to users in the group specified by --with-exemptgroup. If you do not specify a path, "/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc" is used. Sudoers option: secure_path @@ -23,9 +23,9 @@ What's new in Sudo 1.9.3 doesn't support symbol hiding. * Sudo now uses a linker script to hide symbols even when the - compiler has native symbol hiding support. This should make it - easier to detect omissions in the symbol exports file, regardless - of the platform. + compiler supports symbol hiding. This should make it easier to + detect omissions in the symbol exports file, regardless of the + platform. * Fixed the libssl dependency in Debian packages for older releases that use libssl1.0.0. @@ -1699,7 +1699,7 @@ What's new in Sudo 1.8.11 * Fixed a crash in the system_group plugin. Bug #653. - * Fixed sudoedit on platforms without a native version of the + * Fixed sudoedit on platforms without a system version of the getprogname() function. Bug #654. * Fixed compilation problems with some pre-C99 compilers. @@ -2025,7 +2025,7 @@ What's new in Sudo 1.8.7? * There is now a standalone sudo.conf manual page. * Sudo now stores its libexec files in a "sudo" sub-directory instead - of in libexec itself. For backwards compatibility, if the plugin + of in libexec itself. For backward compatibility, if the plugin is not found in the default plugin directory, sudo will check the parent directory if the default directory ends in "/sudo". @@ -2488,7 +2488,7 @@ What's new in Sudo 1.8.3? * Added --enable-werror configure option for gcc's -Werror flag. * Visudo no longer assumes all editors support the +linenumber - command line argument. It now uses a whitelist of editors known + command line argument. It now uses a allowlist of editors known to support the option. * Fixed matching of network addresses when a netmask is specified diff --git a/configure.ac b/configure.ac index 6e9408535..03ca996a0 100644 --- a/configure.ac +++ b/configure.ac @@ -4708,7 +4708,7 @@ if test -n "$GCC"; then fi dnl -dnl Skip regress tests and sudoers sanity check if cross compiling. +dnl Skip regress tests and sudoers validation checks if cross compiling. dnl CROSS_COMPILING="$cross_compiling" diff --git a/doc/UPGRADE b/doc/UPGRADE index 853b60d20..7d03777ba 100644 --- a/doc/UPGRADE +++ b/doc/UPGRADE @@ -175,7 +175,7 @@ o Upgrading from a version prior to 1.8.14: On HP-UX, sudo will no longer check for "plugin.sl" if "plugin.so" is specified but does not exist. This was a temporary hack for - backwards compatibility with Sudo 1.8.6 and below when the + backward compatibility with Sudo 1.8.6 and below when the plugin path name was not listed in sudo.conf. A plugin path name that explicitly ends in ".sl" will still work as expected. @@ -224,12 +224,12 @@ o Upgrading from a version prior to 1.8.10: o Upgrading from a version prior to 1.8.7: Sudo now stores its libexec files in a "sudo" sub-directory - instead of in libexec itself. For backwards compatibility, if + instead of in libexec itself. For backward compatibility, if the plugin is not found in the default plugin directory, sudo will check the parent directory default directory ends in "/sudo". The default sudo plugins now all use the .so extension, regardless - of the extension used by native shared libraries. For backwards + of the extension used by system shared libraries. For backward compatibility, sudo on HP-UX will also search for a plugin with an .sl extension if the .so version is not found. diff --git a/doc/sudo.conf.man.in b/doc/sudo.conf.man.in index f391d5963..f544fc979 100644 --- a/doc/sudo.conf.man.in +++ b/doc/sudo.conf.man.in @@ -17,7 +17,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" .nr SL @SEMAN@ -.TH "SUDO.CONF" "@mansectform@" "June 1, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDO.CONF" "@mansectform@" "October 30, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -739,7 +739,7 @@ Plugin sudoers_audit sudoers.so # Sudo noexec: # Path noexec /path/to/sudo_noexec.so # -# Path to a shared library containing dummy versions of the execv(), +# Path to a shared library containing replacements for the execv(), # execve() and fexecve() library functions that just return an error. # This is used to implement the "noexec" functionality on systems that # support LD_PRELOAD or its equivalent. diff --git a/doc/sudo.conf.mdoc.in b/doc/sudo.conf.mdoc.in index afaa49381..c3c3477fb 100644 --- a/doc/sudo.conf.mdoc.in +++ b/doc/sudo.conf.mdoc.in @@ -16,7 +16,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" .nr SL @SEMAN@ -.Dd June 1, 2020 +.Dd October 30, 2020 .Dt SUDO.CONF @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -673,7 +673,7 @@ Plugin sudoers_audit sudoers.so # Sudo noexec: # Path noexec /path/to/sudo_noexec.so # -# Path to a shared library containing dummy versions of the execv(), +# Path to a shared library containing replacements for the execv(), # execve() and fexecve() library functions that just return an error. # This is used to implement the "noexec" functionality on systems that # support LD_PRELOAD or its equivalent. diff --git a/doc/sudo_plugin.man.in b/doc/sudo_plugin.man.in index 2d6be70ce..9a0c07f65 100644 --- a/doc/sudo_plugin.man.in +++ b/doc/sudo_plugin.man.in @@ -3979,7 +3979,7 @@ The hook function encountered an error. .TP 6n \fRSUDO_HOOK_RET_NEXT\fR The hook completed without error, go on to the next hook (including -the native implementation if applicable). +the system implementation if applicable). For example, a getenv(3) hook might return @@ -3988,7 +3988,7 @@ if the specified variable was not found in the private copy of the environment. .TP 6n \fRSUDO_HOOK_RET_STOP\fR The hook completed without error, stop processing hooks for this invocation. -This can be used to replace the native implementation. +This can be used to replace the system implementation. For example, a \fRsetenv\fR hook that operates on a private copy of @@ -4347,7 +4347,7 @@ from the event loop and frees the memory associated with it. .SS "Remote command execution" The \fBsudo\fR -front end does not have native support for running remote commands. +front end does not support running remote commands. However, starting with \fBsudo\fR 1.8.8, the diff --git a/doc/sudo_plugin.mdoc.in b/doc/sudo_plugin.mdoc.in index 7288d18ed..d3fa754ae 100644 --- a/doc/sudo_plugin.mdoc.in +++ b/doc/sudo_plugin.mdoc.in @@ -3525,7 +3525,7 @@ The function return value may be one of the following: The hook function encountered an error. .It Dv SUDO_HOOK_RET_NEXT The hook completed without error, go on to the next hook (including -the native implementation if applicable). +the system implementation if applicable). For example, a .Xr getenv 3 hook might return @@ -3533,7 +3533,7 @@ hook might return if the specified variable was not found in the private copy of the environment. .It Dv SUDO_HOOK_RET_STOP The hook completed without error, stop processing hooks for this invocation. -This can be used to replace the native implementation. +This can be used to replace the system implementation. For example, a .Li setenv hook that operates on a private copy of @@ -3823,7 +3823,7 @@ from the event loop and frees the memory associated with it. .Ss Remote command execution The .Nm sudo -front end does not have native support for running remote commands. +front end does not support running remote commands. However, starting with .Nm sudo 1.8.8, the diff --git a/doc/sudoers.ldap.man.in b/doc/sudoers.ldap.man.in index 79cbfee07..dc81ddbda 100644 --- a/doc/sudoers.ldap.man.in +++ b/doc/sudoers.ldap.man.in @@ -801,7 +801,7 @@ The \fBHOST\fR parameter is deprecated in favor of the \fBURI\fR -specification and is included for backwards compatibility only. +specification and is included for backward compatibility only. .TP 6n \fBKRB5_CCNAME\fR \fIfile name\fR The path to the Kerberos 5 credential cache to use when authenticating @@ -890,7 +890,7 @@ The \fBPORT\fR parameter is deprecated in favor of the \fBURI\fR -specification and is included for backwards compatibility only. +specification and is included for backward compatibility only. .TP 6n \fBROOTBINDDN\fR \fIDN\fR The diff --git a/doc/sudoers.ldap.mdoc.in b/doc/sudoers.ldap.mdoc.in index ddb16a0cc..ac32bfaa6 100644 --- a/doc/sudoers.ldap.mdoc.in +++ b/doc/sudoers.ldap.mdoc.in @@ -751,7 +751,7 @@ The .Sy HOST parameter is deprecated in favor of the .Sy URI -specification and is included for backwards compatibility only. +specification and is included for backward compatibility only. .It Sy KRB5_CCNAME Ar file name The path to the Kerberos 5 credential cache to use when authenticating with the remote server. @@ -831,7 +831,7 @@ The .Sy PORT parameter is deprecated in favor of the .Sy URI -specification and is included for backwards compatibility only. +specification and is included for backward compatibility only. .It Sy ROOTBINDDN Ar DN The .Sy ROOTBINDDN diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in index a7d7a23be..e3aec3917 100644 --- a/doc/sudoers.man.in +++ b/doc/sudoers.man.in @@ -25,7 +25,7 @@ .nr BA @BAMAN@ .nr LC @LCMAN@ .nr PS @PSMAN@ -.TH "SUDOERS" "@mansectform@" "October 27, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDOERS" "@mansectform@" "October 30, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -369,7 +369,6 @@ are preserved from the invoking user's environment if permitted by the or \fIenv_keep\fR options. -This is effectively a whitelist for environment variables. A few environment variables are treated specially. If the \fRPATH\fR @@ -6091,9 +6090,9 @@ On such systems, functionality can be used to prevent a program run by \fBsudo\fR from executing any other programs. -Note, however, that this applies only to native dynamically-linked +Note, however, that this applies only to dynamically-linked executables. -Statically-linked executables and foreign executables +Statically-linked executables and executables running under binary emulation are not affected. .sp The diff --git a/doc/sudoers.mdoc.in b/doc/sudoers.mdoc.in index 29886a4d5..7e79dc5e2 100644 --- a/doc/sudoers.mdoc.in +++ b/doc/sudoers.mdoc.in @@ -24,7 +24,7 @@ .nr BA @BAMAN@ .nr LC @LCMAN@ .nr PS @PSMAN@ -.Dd October 27, 2020 +.Dd October 30, 2020 .Dt SUDOERS @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -358,7 +358,6 @@ are preserved from the invoking user's environment if permitted by the or .Em env_keep options. -This is effectively a whitelist for environment variables. A few environment variables are treated specially. If the .Ev PATH @@ -5626,9 +5625,9 @@ On such systems, functionality can be used to prevent a program run by .Nm sudo from executing any other programs. -Note, however, that this applies only to native dynamically-linked +Note, however, that this applies only to dynamically-linked executables. -Statically-linked executables and foreign executables +Statically-linked executables and executables running under binary emulation are not affected. .Pp The diff --git a/doc/sudoers_timestamp.man.in b/doc/sudoers_timestamp.man.in index 66a1e7052..2f60f0338 100644 --- a/doc/sudoers_timestamp.man.in +++ b/doc/sudoers_timestamp.man.in @@ -2,7 +2,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2017-2018 Todd C. Miller <Todd.Miller@sudo.ws> +.\" Copyright (c) 2017-2020 Todd C. Miller <Todd.Miller@sudo.ws> .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -224,7 +224,7 @@ time was used as the time stamp. Later versions of \fBsudo\fR added restrictions on the ownership of the time stamp files and -directory as well as sanity checks on the time stamp itself. +directory as well as checks on the validity of the time stamp itself. Notable changes were introduced in the following \fBsudo\fR versions: @@ -247,7 +247,7 @@ option was set. 1.7.3 .br Information about the terminal device was stored in -tty-based time stamp files for sanity checking. +tty-based time stamp files for validity checks. This included the terminal device numbers, inode number and, on systems where it was not updated when the device was written to, the inode change time. This helped prevent re-use of the time stamp file after logout. diff --git a/doc/sudoers_timestamp.mdoc.in b/doc/sudoers_timestamp.mdoc.in index b318abf44..d879bfa20 100644 --- a/doc/sudoers_timestamp.mdoc.in +++ b/doc/sudoers_timestamp.mdoc.in @@ -1,7 +1,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2017-2018 Todd C. Miller <Todd.Miller@sudo.ws> +.\" Copyright (c) 2017-2020 Todd C. Miller <Todd.Miller@sudo.ws> .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -212,7 +212,7 @@ time was used as the time stamp. Later versions of .Nm sudo added restrictions on the ownership of the time stamp files and -directory as well as sanity checks on the time stamp itself. +directory as well as checks on the validity of the time stamp itself. Notable changes were introduced in the following .Nm sudo versions: @@ -229,7 +229,7 @@ The target user name was added to the time stamp file name when the option was set. .It 1.7.3 Information about the terminal device was stored in -tty-based time stamp files for sanity checking. +tty-based time stamp files for validity checks. This included the terminal device numbers, inode number and, on systems where it was not updated when the device was written to, the inode change time. This helped prevent re-use of the time stamp file after logout. diff --git a/doc/visudo.man.in b/doc/visudo.man.in index 95763d567..d068e83e9 100644 --- a/doc/visudo.man.in +++ b/doc/visudo.man.in @@ -41,7 +41,7 @@ vipw(@mansectsu@). \fBvisudo\fR locks the \fIsudoers\fR -file against multiple simultaneous edits, provides basic sanity checks, +file against multiple simultaneous edits, performs basic validity checks, and checks for syntax errors before installing the edited file. If the \fIsudoers\fR diff --git a/doc/visudo.mdoc.in b/doc/visudo.mdoc.in index 6613b3060..278040bed 100644 --- a/doc/visudo.mdoc.in +++ b/doc/visudo.mdoc.in @@ -39,7 +39,7 @@ file in a safe fashion, analogous to .Nm locks the .Em sudoers -file against multiple simultaneous edits, provides basic sanity checks, +file against multiple simultaneous edits, performs basic validity checks, and checks for syntax errors before installing the edited file. If the .Em sudoers diff --git a/examples/sudo.conf.in b/examples/sudo.conf.in index 19e33ff66..d4342b2ce 100644 --- a/examples/sudo.conf.in +++ b/examples/sudo.conf.in @@ -42,7 +42,7 @@ Plugin sudoers_audit sudoers.so # Sudo noexec: # Path noexec /path/to/sudo_noexec.so # -# Path to a shared library containing dummy versions of the execv(), +# Path to a shared library containing replacements for the execv(), # execve() and fexecve() library functions that just return an error. # This is used to implement the "noexec" functionality on systems that # support LD_PRELOAD or its equivalent. diff --git a/include/compat/getaddrinfo.h b/include/compat/getaddrinfo.h index 709bb098f..c1f87ef08 100644 --- a/include/compat/getaddrinfo.h +++ b/include/compat/getaddrinfo.h @@ -3,7 +3,7 @@ * * This is an implementation of the getaddrinfo family of functions for * systems that lack it, so that code can use getaddrinfo always. It provides - * IPv4 support only; for IPv6 support, a native getaddrinfo implementation is + * IPv4 support only; for IPv6 support, a system getaddrinfo implementation is * required. * * The canonical version of this file is maintained in the rra-c-util package, diff --git a/install-sh b/install-sh index 572b1c2e1..228a0b16e 100755 --- a/install-sh +++ b/install-sh @@ -80,7 +80,7 @@ while ${MORETODO} ; do BACKUP="`echo \"$1\" | sed 's/^..//'`" ;; X-c) - # backwards compatibility + # backward compatibility ;; X-d) DIRMODE=true diff --git a/lib/util/getaddrinfo.c b/lib/util/getaddrinfo.c index a63af36cf..ad0ea5f6b 100644 --- a/lib/util/getaddrinfo.c +++ b/lib/util/getaddrinfo.c @@ -14,7 +14,7 @@ * * The last four issues could probably be easily remedied, but haven't been * needed to date. Adding IPv6 support isn't worth it; systems with IPv6 - * support should already support getaddrinfo natively. + * support should already have getaddrinfo. * * The canonical version of this file is maintained in the rra-c-util package, * which can be found at <http://www.eyrie.org/~eagle/software/rra-c-util/>. @@ -89,7 +89,7 @@ int test_getaddrinfo(const char *, const char *, const struct addrinfo *, #endif /* - * If the native platform doesn't support AI_NUMERICSERV or AI_NUMERICHOST, + * If the platform doesn't support AI_NUMERICSERV or AI_NUMERICHOST, * pick some other values for them. */ #ifdef TESTING diff --git a/lib/util/getentropy.c b/lib/util/getentropy.c index 95731d73d..3a649b62c 100644 --- a/lib/util/getentropy.c +++ b/lib/util/getentropy.c @@ -182,7 +182,7 @@ sudo_getentropy(void *buf, size_t len) */ /* - * Basic sanity checking; wish we could do better. + * Basic validity checking; wish we could do better. */ static int gotdata(char *buf, size_t len) @@ -222,7 +222,7 @@ start: fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); #endif - /* Lightly verify that the device node looks sane */ + /* Lightly verify that the device node looks OK */ if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode)) { close(fd); goto nodevrandom; diff --git a/lib/util/regress/sudo_conf/test1.in b/lib/util/regress/sudo_conf/test1.in index bee1ca821..4727153a0 100644 --- a/lib/util/regress/sudo_conf/test1.in +++ b/lib/util/regress/sudo_conf/test1.in @@ -35,7 +35,7 @@ Path askpass /usr/X11R6/bin/ssh-askpass # # Sudo noexec: # -# Path to a shared library containing dummy versions of the execv(), +# Path to a shared library containing replacements for the execv(), # execve() and fexecve() library functions that just return an error. # This is used to implement the "noexec" functionality on systems that # support LD_PRELOAD or its equivalent. diff --git a/lib/util/regress/sudo_parseln/test1.in b/lib/util/regress/sudo_parseln/test1.in index eb3e1cc8f..8f417dd52 100644 --- a/lib/util/regress/sudo_parseln/test1.in +++ b/lib/util/regress/sudo_parseln/test1.in @@ -35,7 +35,7 @@ Plugin sudoers_io sudoers.so # # Sudo noexec: # -# Path to a shared library containing dummy versions of the execv(), +# Path to a shared library containing replacements for the execv(), # execve() and fexecve() library functions that just return an error. # This is used to implement the "noexec" functionality on systems that # support LD_PRELOAD or its equivalent. diff --git a/lib/util/regress/vsyslog/vsyslog_test.c b/lib/util/regress/vsyslog/vsyslog_test.c index 435934efc..27b9f14fa 100644 --- a/lib/util/regress/vsyslog/vsyslog_test.c +++ b/lib/util/regress/vsyslog/vsyslog_test.c @@ -38,7 +38,7 @@ static int errors; static int ntests; /* - * Dummy version of syslog to verify the message + * Replacement for syslog(3) that just verifies the message */ void syslog(int priority, const char *fmt, ...) diff --git a/lib/util/strtoid.c b/lib/util/strtoid.c index 5ad8d99e2..8da857b6b 100644 --- a/lib/util/strtoid.c +++ b/lib/util/strtoid.c @@ -96,7 +96,7 @@ sudo_strtoidx_v1(const char *p, const char *sep, char **endp, const char **errst debug_return_id_t(ret); } -/* Backwards compatibility */ +/* Backward compatibility */ id_t sudo_strtoid_v1(const char *p, const char *sep, char **endp, const char **errstrp) { diff --git a/logsrvd/logsrvd.c b/logsrvd/logsrvd.c index b9c5c669b..5b03cfc4e 100644 --- a/logsrvd/logsrvd.c +++ b/logsrvd/logsrvd.c @@ -290,7 +290,7 @@ handle_accept(AcceptMessage *msg, struct connection_closure *closure) debug_return_bool(false); } - /* Sanity check message. */ + /* Check that message is valid. */ if (msg->submit_time == NULL || msg->n_info_msgs == 0) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "invalid AcceptMessage, submit_time: %p, n_info_msgs: %zu", @@ -355,7 +355,7 @@ handle_reject(RejectMessage *msg, struct connection_closure *closure) debug_return_bool(false); } - /* Sanity check message. */ + /* Check that message is valid. */ if (msg->submit_time == NULL || msg->n_info_msgs == 0) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "invalid RejectMessage, submit_time: %p, n_info_msgs: %zu", @@ -479,7 +479,7 @@ handle_alert(AlertMessage *msg, struct connection_closure *closure) struct timespec alert_time; debug_decl(handle_alert, SUDO_DEBUG_UTIL); - /* Sanity check message. */ + /* Check that message is valid. */ if (msg->alert_time == NULL || msg->reason == NULL) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "invalid AlertMessage, alert_time: %p, reason: %p", diff --git a/logsrvd/logsrvd_conf.c b/logsrvd/logsrvd_conf.c index fb523827c..c8a166829 100644 --- a/logsrvd/logsrvd_conf.c +++ b/logsrvd/logsrvd_conf.c @@ -1047,7 +1047,7 @@ logsrvd_conf_apply(struct logsrvd_config *config) } else { struct listen_address *addr; - /* Sanity check the TLS configuration. */ + /* Check that TLS configuration is valid. */ TAILQ_FOREACH(addr, &config->server.addresses, entries) { if (!addr->tls) continue; diff --git a/logsrvd/sendlog.c b/logsrvd/sendlog.c index 84e390f3a..90e1111a3 100644 --- a/logsrvd/sendlog.c +++ b/logsrvd/sendlog.c @@ -911,7 +911,7 @@ handle_server_hello(ServerHello *msg, struct client_closure *closure) debug_return_bool(false); } - /* Sanity check ServerHello message. */ + /* Check that ServerHello is valid. */ if (msg->server_id == NULL || msg->server_id[0] == '\0') { sudo_warnx("%s", U_("invalid ServerHello")); debug_return_bool(false); diff --git a/m4/sudo.m4 b/m4/sudo.m4 index b3a40b208..90fb25472 100644 --- a/m4/sudo.m4 +++ b/m4/sudo.m4 @@ -371,7 +371,7 @@ AC_DEFUN([SUDO_SOCK_SIN_LEN], [ dnl dnl check for max length of uid_t in string representation. dnl we can't really trust UID_MAX or MAXUID since they may exist -dnl only for backwards compatibility. +dnl only for backward compatibility. dnl AC_DEFUN([SUDO_UID_T_LEN], [AC_REQUIRE([AC_TYPE_UID_T]) diff --git a/plugins/group_file/group_file.c b/plugins/group_file/group_file.c index 15aea5a13..02672b75d 100644 --- a/plugins/group_file/group_file.c +++ b/plugins/group_file/group_file.c @@ -71,7 +71,7 @@ sample_init(int version, sudo_printf_t sudo_printf, char *const argv[]) return -1; } - /* Sanity check the specified group file. */ + /* Check that the group file exists and has a safe mode. */ if (argv == NULL || argv[0] == NULL) { sudo_log(SUDO_CONV_ERROR_MSG, "group_file: path to group file not specified\n"); diff --git a/plugins/sudoers/auth/bsdauth.c b/plugins/sudoers/auth/bsdauth.c index 1c321340f..fec7402f2 100644 --- a/plugins/sudoers/auth/bsdauth.c +++ b/plugins/sudoers/auth/bsdauth.c @@ -77,7 +77,7 @@ bsdauth_init(struct passwd *pw, sudo_auth *auth) debug_return_int(AUTH_FATAL); } - /* XXX - maybe sanity check the auth style earlier? */ + /* XXX - maybe check the auth style earlier? */ login_style = login_getstyle(state.lc, login_style, "auth-sudo"); if (login_style == NULL) { log_warningx(0, N_("invalid authentication type")); diff --git a/plugins/sudoers/auth/fwtk.c b/plugins/sudoers/auth/fwtk.c index fa6120581..7f3385d0f 100644 --- a/plugins/sudoers/auth/fwtk.c +++ b/plugins/sudoers/auth/fwtk.c @@ -105,7 +105,7 @@ restart: pass = auth_getpass(prompt, SUDO_CONV_PROMPT_ECHO_OFF, callback); } else if (strncmp(resp, "display ", 8) == 0) { sudo_printf(SUDO_CONV_INFO_MSG|SUDO_CONV_PREFER_TTY, "%s\n", &resp[8]); - strlcpy(buf, "response dummy", sizeof(buf)); + strlcpy(buf, "response noop", sizeof(buf)); goto restart; } else { sudo_warnx("%s", resp); diff --git a/plugins/sudoers/auth/passwd.c b/plugins/sudoers/auth/passwd.c index 0e4d1b7f8..566881f68 100644 --- a/plugins/sudoers/auth/passwd.c +++ b/plugins/sudoers/auth/passwd.c @@ -102,7 +102,7 @@ sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_c int matched; debug_decl(sudo_passwd_verify, SUDOERS_DEBUG_AUTH); - /* Dummy version for systems without crypt(). */ + /* Simple string compare for systems without crypt(). */ matched = !strcmp(pass, pw_passwd); debug_return_int(matched ? AUTH_SUCCESS : AUTH_FAILURE); diff --git a/plugins/sudoers/cvtsudoers.c b/plugins/sudoers/cvtsudoers.c index 866fb2a86..5d1ccdd0c 100644 --- a/plugins/sudoers/cvtsudoers.c +++ b/plugins/sudoers/cvtsudoers.c @@ -677,7 +677,7 @@ userlist_matches_filter(struct sudoers_parse_tree *parse_tree, struct passwd pw; /* - * Only groups in filter, make a dummy user so userlist_matches() + * Only groups in filter, make a fake user so userlist_matches() * can do its thing. */ memset(&pw, 0, sizeof(pw)); diff --git a/plugins/sudoers/def_data.c b/plugins/sudoers/def_data.c index 0f7de2c42..7e4ec11fd 100644 --- a/plugins/sudoers/def_data.c +++ b/plugins/sudoers/def_data.c @@ -271,7 +271,7 @@ struct sudo_defs_types sudo_defs_table[] = { def_data_verifypw, }, { "noexec", T_FLAG, - N_("Preload the dummy exec functions contained in the sudo_noexec library"), + N_("Preload the sudo_noexec library which replaces the exec functions"), NULL, }, { "ignore_local_sudoers", T_FLAG, @@ -295,7 +295,7 @@ struct sudo_defs_types sudo_defs_table[] = { NULL, }, { "env_check", T_LIST|T_BOOL, - N_("Environment variables to check for sanity:"), + N_("Environment variables to check for safety:"), NULL, }, { "env_delete", T_LIST|T_BOOL, diff --git a/plugins/sudoers/def_data.in b/plugins/sudoers/def_data.in index 52cd4443a..4f18d6a0d 100644 --- a/plugins/sudoers/def_data.in +++ b/plugins/sudoers/def_data.in @@ -183,7 +183,7 @@ verifypw never all any always noexec T_FLAG - "Preload the dummy exec functions contained in the sudo_noexec library" + "Preload the sudo_noexec library which replaces the exec functions" ignore_local_sudoers T_FLAG "If LDAP directory is up, do we ignore local sudoers file" @@ -201,7 +201,7 @@ env_reset "Reset the environment to a default set of variables" env_check T_LIST|T_BOOL - "Environment variables to check for sanity:" + "Environment variables to check for safety:" env_delete T_LIST|T_BOOL "Environment variables to remove:" diff --git a/plugins/sudoers/editor.c b/plugins/sudoers/editor.c index 99b0b93c8..1a289a1c9 100644 --- a/plugins/sudoers/editor.c +++ b/plugins/sudoers/editor.c @@ -34,7 +34,7 @@ /* * Search for the specified editor in the user's PATH, checking - * the result against whitelist if non-NULL. An argument vector + * the result against allowlist if non-NULL. An argument vector * suitable for execve() is allocated and stored in argv_out. * If nfiles is non-zero, files[] is added to the end of argv_out. * @@ -44,7 +44,7 @@ */ static char * resolve_editor(const char *ed, size_t edlen, int nfiles, char **files, - int *argc_out, char ***argv_out, char * const *whitelist) + int *argc_out, char ***argv_out, char * const *allowlist) { char **nargv, *editor, *editor_path = NULL; const char *cp, *ep, *tmp; @@ -69,7 +69,7 @@ resolve_editor(const char *ed, size_t edlen, int nfiles, char **files, /* If we can't find the editor in the user's PATH, give up. */ if (find_path(editor, &editor_path, &user_editor_sb, getenv("PATH"), NULL, - 0, whitelist) != FOUND) { + 0, allowlist) != FOUND) { free(editor); errno = ENOENT; debug_return_str(NULL); @@ -125,7 +125,7 @@ resolve_editor(const char *ed, size_t edlen, int nfiles, char **files, */ char * find_editor(int nfiles, char **files, int *argc_out, char ***argv_out, - char * const *whitelist, const char **env_editor, bool env_error) + char * const *allowlist, const char **env_editor, bool env_error) { char *ev[3], *editor_path = NULL; unsigned int i; @@ -144,7 +144,7 @@ find_editor(int nfiles, char **files, int *argc_out, char ***argv_out, if (editor != NULL && *editor != '\0') { *env_editor = editor; editor_path = resolve_editor(editor, strlen(editor), - nfiles, files, argc_out, argv_out, whitelist); + nfiles, files, argc_out, argv_out, allowlist); if (editor_path != NULL) break; if (errno != ENOENT) @@ -164,7 +164,7 @@ find_editor(int nfiles, char **files, int *argc_out, char ***argv_out, for (cp = sudo_strsplit(def_editor, def_editor_end, ":", &ep); cp != NULL; cp = sudo_strsplit(NULL, def_editor_end, ":", &ep)) { editor_path = resolve_editor(cp, (size_t)(ep - cp), nfiles, - files, argc_out, argv_out, whitelist); + files, argc_out, argv_out, allowlist); if (editor_path != NULL) break; if (errno != ENOENT) diff --git a/plugins/sudoers/env.c b/plugins/sudoers/env.c index ae13eb4fc..b2d59fcbe 100644 --- a/plugins/sudoers/env.c +++ b/plugins/sudoers/env.c @@ -640,7 +640,7 @@ matches_env_list(const char *var, struct list_members *list, bool *full_match) } /* - * Check the env_delete blacklist. + * Check the env_delete blocklist. * Returns true if the variable was found, else false. */ static bool @@ -654,15 +654,15 @@ matches_env_delete(const char *var) } /* - * Sanity-check the TZ environment variable. + * Verify the TZ environment variable is safe. * On many systems it is possible to set this to a pathname. */ static bool -tz_is_sane(const char *tzval) +tz_is_safe(const char *tzval) { const char *cp; char lastch; - debug_decl(tz_is_sane, SUDOERS_DEBUG_ENV); + debug_decl(tz_is_safe, SUDOERS_DEBUG_ENV); /* tzcode treats a value beginning with a ':' as a path. */ if (tzval[0] == ':') @@ -716,7 +716,7 @@ matches_env_check(const char *var, bool *full_match) if (matches_env_list(var, &def_env_check, full_match)) { if (strncmp(var, "TZ=", 3) == 0) { /* Special case for TZ */ - keepit = tz_is_sane(var + 3); + keepit = tz_is_safe(var + 3); } else { const char *val = strchr(var, '='); if (val != NULL) diff --git a/plugins/sudoers/find_path.c b/plugins/sudoers/find_path.c index 82943a685..5c44b4ff2 100644 --- a/plugins/sudoers/find_path.c +++ b/plugins/sudoers/find_path.c @@ -38,22 +38,22 @@ #include "sudoers.h" /* - * Check the given command against the specified whitelist (NULL-terminated). - * On success, rewrites cmnd based on the whitelist and returns true. + * Check the given command against the specified allowlist (NULL-terminated). + * On success, rewrites cmnd based on the allowlist and returns true. * On failure, returns false. */ static bool cmnd_allowed(char *cmnd, size_t cmnd_size, const char *runchroot, - struct stat *cmnd_sbp, char * const *whitelist) + struct stat *cmnd_sbp, char * const *allowlist) { const char *cmnd_base; - char * const *wl; + char * const *al; debug_decl(cmnd_allowed, SUDOERS_DEBUG_UTIL); if (!sudo_goodpath(cmnd, runchroot, cmnd_sbp)) debug_return_bool(false); - if (whitelist == NULL) + if (allowlist == NULL) debug_return_bool(true); /* nothing to check */ /* We compare the base names to avoid excessive stat()ing. */ @@ -61,8 +61,8 @@ cmnd_allowed(char *cmnd, size_t cmnd_size, const char *runchroot, debug_return_bool(false); /* can't happen */ cmnd_base++; - for (wl = whitelist; *wl != NULL; wl++) { - const char *base, *path = *wl; + for (al = allowlist; *al != NULL; al++) { + const char *base, *path = *al; struct stat sb; if ((base = strrchr(path, '/')) == NULL) @@ -74,7 +74,7 @@ cmnd_allowed(char *cmnd, size_t cmnd_size, const char *runchroot, if (sudo_goodpath(path, runchroot, &sb) && sb.st_dev == cmnd_sbp->st_dev && sb.st_ino == cmnd_sbp->st_ino) { - /* Overwrite cmnd with safe version from whitelist. */ + /* Overwrite cmnd with safe version from allowlist. */ if (strlcpy(cmnd, path, cmnd_size) < cmnd_size) debug_return_bool(true); } @@ -93,7 +93,7 @@ cmnd_allowed(char *cmnd, size_t cmnd_size, const char *runchroot, int find_path(const char *infile, char **outfile, struct stat *sbp, const char *path, const char *runchroot, int ignore_dot, - char * const *whitelist) + char * const *allowlist) { char command[PATH_MAX]; const char *cp, *ep, *pathend; @@ -112,7 +112,7 @@ find_path(const char *infile, char **outfile, struct stat *sbp, debug_return_int(NOT_FOUND_ERROR); } found = cmnd_allowed(command, sizeof(command), runchroot, sbp, - whitelist); + allowlist); goto done; } @@ -142,7 +142,7 @@ find_path(const char *infile, char **outfile, struct stat *sbp, debug_return_int(NOT_FOUND_ERROR); } found = cmnd_allowed(command, sizeof(command), runchroot, - sbp, whitelist); + sbp, allowlist); if (found) break; } @@ -157,7 +157,7 @@ find_path(const char *infile, char **outfile, struct stat *sbp, debug_return_int(NOT_FOUND_ERROR); } found = cmnd_allowed(command, sizeof(command), runchroot, - sbp, whitelist); + sbp, allowlist); if (found && ignore_dot) debug_return_int(NOT_FOUND_DOT); } diff --git a/plugins/sudoers/gram.y b/plugins/sudoers/gram.y index 31f20601f..cc9b2b9e0 100644 --- a/plugins/sudoers/gram.y +++ b/plugins/sudoers/gram.y @@ -106,8 +106,8 @@ static struct command_digest *new_digest(int, char *); %token <tok> DEFAULTS_CMND /* Command-specific defaults entry */ %token <tok> NOPASSWD /* no passwd req for command */ %token <tok> PASSWD /* passwd req for command (default) */ -%token <tok> NOEXEC /* preload dummy execve() for cmnd */ -%token <tok> EXEC /* don't preload dummy execve() */ +%token <tok> NOEXEC /* preload fake execve() for cmnd */ +%token <tok> EXEC /* don't preload fake execve() */ %token <tok> SETENV /* user may set environment for cmnd */ %token <tok> NOSETENV /* user may not set environment */ %token <tok> LOG_INPUT /* log user's cmnd input */ diff --git a/plugins/sudoers/group_plugin.c b/plugins/sudoers/group_plugin.c index fa4dc88ce..829cf1ef9 100644 --- a/plugins/sudoers/group_plugin.c +++ b/plugins/sudoers/group_plugin.c @@ -73,7 +73,7 @@ group_plugin_load(char *plugin_info) goto done; } - /* Sanity check plugin path. */ + /* Check owner and mode of plugin path. */ if (stat(path, &sb) != 0) { sudo_warn("%s", path); goto done; diff --git a/plugins/sudoers/iolog_client.c b/plugins/sudoers/iolog_client.c index e9298941f..9fe3fc541 100644 --- a/plugins/sudoers/iolog_client.c +++ b/plugins/sudoers/iolog_client.c @@ -1235,7 +1235,7 @@ handle_server_hello(ServerHello *msg, struct client_closure *closure) debug_return_bool(false); } - /* Sanity check ServerHello message. */ + /* Check that ServerHello is valid. */ if (msg->server_id == NULL || msg->server_id[0] == '\0') { sudo_warnx("%s", U_("invalid ServerHello")); debug_return_bool(false); diff --git a/plugins/sudoers/stubs.c b/plugins/sudoers/stubs.c index ce7cc5026..fb1e975af 100644 --- a/plugins/sudoers/stubs.c +++ b/plugins/sudoers/stubs.c @@ -76,8 +76,8 @@ group_plugin_query(const char *user, const char *group, const struct passwd *pw) struct interface_list * get_interfaces(void) { - static struct interface_list dummy = SLIST_HEAD_INITIALIZER(interfaces); - return &dummy; + static struct interface_list empty = SLIST_HEAD_INITIALIZER(interfaces); + return ∅ } /* STUB */ diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c index b32c40b03..63b15d9fb 100644 --- a/plugins/sudoers/sudoers.c +++ b/plugins/sudoers/sudoers.c @@ -1015,7 +1015,7 @@ set_cmnd(void) } /* - * Open sudoers file and sanity check mode/owner/type. + * Open sudoers file and check mode/owner/type. * Returns a handle to the sudoers file or NULL on error. */ FILE * diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h index e82e9bd20..4bc97fc11 100644 --- a/plugins/sudoers/sudoers.h +++ b/plugins/sudoers/sudoers.h @@ -271,7 +271,7 @@ bool sudo_goodpath(const char *path, const char *runchroot, struct stat *sbp); /* findpath.c */ int find_path(const char *infile, char **outfile, struct stat *sbp, const char *path, const char *runchroot, int ignore_dot, - char * const *whitelist); + char * const *allowlist); /* check.c */ int check_user(int validate, int mode); @@ -431,7 +431,7 @@ extern const char *path_plugin_dir; /* editor.c */ char *find_editor(int nfiles, char **files, int *argc_out, char ***argv_out, - char * const *whitelist, const char **env_editor, bool env_error); + char * const *allowlist, const char **env_editor, bool env_error); /* exptilde.c */ bool expand_tilde(char **path, const char *user); diff --git a/plugins/sudoers/timestamp.c b/plugins/sudoers/timestamp.c index d25df689d..14ffe551e 100644 --- a/plugins/sudoers/timestamp.c +++ b/plugins/sudoers/timestamp.c @@ -423,7 +423,7 @@ timestamp_open(const char *user, pid_t sid) goto bad; } - /* Sanity check timestamp dir and create if missing. */ + /* Check the validity of timestamp dir and create if missing. */ if (!ts_secure_dir(def_timestampdir, true, false)) goto bad; @@ -1077,7 +1077,7 @@ set_lectured(void) goto done; } - /* Sanity check lecture dir and create if missing. */ + /* Check the validity of lecture dir and create if missing. */ if (!ts_secure_dir(def_lecture_status_dir, true, false)) goto done; diff --git a/plugins/sudoers/visudo.c b/plugins/sudoers/visudo.c index 24e7b3ee5..93fc1cff1 100644 --- a/plugins/sudoers/visudo.c +++ b/plugins/sudoers/visudo.c @@ -221,7 +221,7 @@ main(int argc, char *argv[]) } if (export_path != NULL) { - /* Backwards compatibility for the time being. */ + /* Backward compatibility for the time being. */ sudo_warnx("%s", U_("the -x option will be removed in a future release")); sudo_warnx("%s", @@ -302,37 +302,37 @@ done: static char * get_editor(int *editor_argc, char ***editor_argv) { - char *editor_path = NULL, **whitelist = NULL; + char *editor_path = NULL, **allowlist = NULL; const char *env_editor; static char *files[] = { "+1", "sudoers" }; - unsigned int whitelist_len = 0; + unsigned int allowlist_len = 0; debug_decl(get_editor, SUDOERS_DEBUG_UTIL); - /* Build up editor whitelist from def_editor unless env_editor is set. */ + /* Build up editor allowlist from def_editor unless env_editor is set. */ if (!def_env_editor) { const char *cp, *ep; const char *def_editor_end = def_editor + strlen(def_editor); - /* Count number of entries in whitelist and split into a list. */ + /* Count number of entries in allowlist and split into a list. */ for (cp = sudo_strsplit(def_editor, def_editor_end, ":", &ep); cp != NULL; cp = sudo_strsplit(NULL, def_editor_end, ":", &ep)) { - whitelist_len++; + allowlist_len++; } - whitelist = reallocarray(NULL, whitelist_len + 1, sizeof(char *)); - if (whitelist == NULL) + allowlist = reallocarray(NULL, allowlist_len + 1, sizeof(char *)); + if (allowlist == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); - whitelist_len = 0; + allowlist_len = 0; for (cp = sudo_strsplit(def_editor, def_editor_end, ":", &ep); cp != NULL; cp = sudo_strsplit(NULL, def_editor_end, ":", &ep)) { - whitelist[whitelist_len] = strndup(cp, (size_t)(ep - cp)); - if (whitelist[whitelist_len] == NULL) + allowlist[allowlist_len] = strndup(cp, (size_t)(ep - cp)); + if (allowlist[allowlist_len] == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); - whitelist_len++; + allowlist_len++; } - whitelist[whitelist_len] = NULL; + allowlist[allowlist_len] = NULL; } - editor_path = find_editor(2, files, editor_argc, editor_argv, whitelist, + editor_path = find_editor(2, files, editor_argc, editor_argv, allowlist, &env_editor, true); if (editor_path == NULL) { if (def_env_editor && env_editor != NULL) { @@ -342,10 +342,10 @@ get_editor(int *editor_argc, char ***editor_argv) sudo_fatalx(U_("no editor found (editor path = %s)"), def_editor); } - if (whitelist != NULL) { - while (whitelist_len--) - free(whitelist[whitelist_len]); - free(whitelist); + if (allowlist != NULL) { + while (allowlist_len--) + free(allowlist[allowlist_len]); + free(allowlist); } debug_return_str(editor_path); @@ -500,7 +500,7 @@ edit_sudoers(struct sudoersfile *sp, char *editor, int editor_argc, goto done; } /* - * Sanity checks. + * Check for zero length sudoers file. */ if (stat(sp->tpath, &sb) < 0) { sudo_warnx(U_("unable to stat temporary file (%s), %s unchanged"), @@ -589,7 +589,7 @@ reparse_sudoers(char *editor, int editor_argc, char **editor_argv, debug_decl(reparse_sudoers, SUDOERS_DEBUG_UTIL); /* - * Parse the edited sudoers files and do sanity checking + * Parse the edited sudoers files. */ while ((sp = TAILQ_FIRST(&sudoerslist)) != NULL) { last = TAILQ_LAST(&sudoerslist, sudoersfile_list); @@ -747,7 +747,7 @@ install_sudoers(struct sudoersfile *sp, bool oldperms) } /* - * Now that sp->tpath is sane (parses ok) it needs to be + * Now that we know sp->tpath parses correctly, it needs to be * rename(2)'d to sp->path. If the rename(2) fails we try using * mv(1) in case sp->tpath and sp->path are on different file systems. */ diff --git a/src/load_plugins.c b/src/load_plugins.c index 61a96074e..d5d1c9d94 100644 --- a/src/load_plugins.c +++ b/src/load_plugins.c @@ -271,7 +271,7 @@ sudo_load_plugin(struct plugin_info *info, bool quiet) bool ret = false; debug_decl(sudo_load_plugin, SUDO_DEBUG_PLUGIN); - /* Sanity check plugin and fill in path */ + /* Check plugin owner/mode and fill in path */ if (!sudo_check_plugin(info, path, sizeof(path))) goto done; diff --git a/src/sudo.c b/src/sudo.c index 228d78430..01a211cff 100644 --- a/src/sudo.c +++ b/src/sudo.c @@ -1074,7 +1074,7 @@ policy_open(struct sudo_settings *settings, char * const user_info[], sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); /* - * Backwards compatibility for older API versions + * Backward compatibility for older API versions */ sudo_debug_set_active_instance(SUDO_DEBUG_INSTANCE_INITIALIZER); switch (policy_plugin.u.generic->version) { @@ -1338,7 +1338,7 @@ policy_init_session(struct command_details *details) if (policy_plugin.u.policy->init_session) { /* - * Backwards compatibility for older API versions + * Backward compatibility for older API versions */ sudo_debug_set_active_instance(policy_plugin.debug_instance); switch (policy_plugin.u.generic->version) { @@ -1374,7 +1374,7 @@ iolog_open_int(struct plugin_container *plugin, struct sudo_settings *settings, } /* - * Backwards compatibility for older API versions + * Backward compatibility for older API versions */ sudo_debug_set_active_instance(plugin->debug_instance); switch (plugin->u.generic->version) { diff --git a/src/sudo_noexec.c b/src/sudo_noexec.c index c3e9cfb80..6025d9148 100644 --- a/src/sudo_noexec.c +++ b/src/sudo_noexec.c @@ -64,100 +64,100 @@ typedef struct interpose_s { void *orig_func; } interpose_t; -# define FN_NAME(fn) dummy_ ## fn +# define FN_NAME(fn) fake_ ## fn # define INTERPOSE(fn) \ __attribute__((__used__)) static const interpose_t interpose_ ## fn \ __attribute__((__section__("__DATA,__interpose"))) = \ - { (void *)dummy_ ## fn, (void *)fn }; + { (void *)fake_ ## fn, (void *)fn }; #else # define FN_NAME(fn) fn # define INTERPOSE(fn) #endif /* - * Dummy versions of the exec(3) family of syscalls. It is not enough to - * just dummy out execve(2) since many C libraries do not call the public + * Replacements for the exec(3) family of syscalls. It is not enough to + * just replace execve(2) since many C libraries do not call the public * execve(2) interface. Note that it is still possible to access the real * syscalls via the syscall(2) interface, but that is rarely done. */ -#define DUMMY_BODY \ +#define EXEC_REPL_BODY \ { \ errno = EACCES; \ return -1; \ } -#define DUMMY1(fn, t1) \ +#define EXEC_REPL1(fn, t1) \ sudo_dso_public int \ FN_NAME(fn)(t1 a1) \ -DUMMY_BODY \ +EXEC_REPL_BODY \ INTERPOSE(fn) -#define DUMMY2(fn, t1, t2) \ +#define EXEC_REPL2(fn, t1, t2) \ sudo_dso_public int \ FN_NAME(fn)(t1 a1, t2 a2) \ -DUMMY_BODY \ +EXEC_REPL_BODY \ INTERPOSE(fn) -#define DUMMY3(fn, t1, t2, t3) \ +#define EXEC_REPL3(fn, t1, t2, t3) \ sudo_dso_public int \ FN_NAME(fn)(t1 a1, t2 a2, t3 a3) \ -DUMMY_BODY \ +EXEC_REPL_BODY \ INTERPOSE(fn) -#define DUMMY6(fn, t1, t2, t3, t4, t5, t6) \ +#define EXEC_REPL6(fn, t1, t2, t3, t4, t5, t6) \ sudo_dso_public int \ FN_NAME(fn)(t1 a1, t2 a2, t3 a3, t4 a4, t5 a5, t6 a6) \ -DUMMY_BODY \ +EXEC_REPL_BODY \ INTERPOSE(fn) -#define DUMMY_VA(fn, t1, t2) \ +#define EXEC_REPL_VA(fn, t1, t2) \ sudo_dso_public int \ FN_NAME(fn)(t1 a1, t2 a2, ...) \ -DUMMY_BODY \ +EXEC_REPL_BODY \ INTERPOSE(fn) /* * Standard exec(3) family of functions. */ -DUMMY_VA(execl, const char *, const char *) -DUMMY_VA(execle, const char *, const char *) -DUMMY_VA(execlp, const char *, const char *) -DUMMY2(execv, const char *, char * const *) -DUMMY2(execvp, const char *, char * const *) -DUMMY3(execve, const char *, char * const *, char * const *) +EXEC_REPL_VA(execl, const char *, const char *) +EXEC_REPL_VA(execle, const char *, const char *) +EXEC_REPL_VA(execlp, const char *, const char *) +EXEC_REPL2(execv, const char *, char * const *) +EXEC_REPL2(execvp, const char *, char * const *) +EXEC_REPL3(execve, const char *, char * const *, char * const *) /* * Non-standard exec(3) functions and corresponding private versions. */ #ifdef HAVE_EXECVP -DUMMY3(execvP, const char *, const char *, char * const *) +EXEC_REPL3(execvP, const char *, const char *, char * const *) #endif #ifdef HAVE_EXECVPE -DUMMY3(execvpe, const char *, char * const *, char * const *) +EXEC_REPL3(execvpe, const char *, char * const *, char * const *) #endif #ifdef HAVE_EXECT -DUMMY3(exect, const char *, char * const *, char * const *) +EXEC_REPL3(exect, const char *, char * const *, char * const *) #endif /* * Not all systems support fexecve(2), posix_spawn(2) and posix_spawnp(2). */ #ifdef HAVE_FEXECVE -DUMMY3(fexecve, int , char * const *, char * const *) +EXEC_REPL3(fexecve, int , char * const *, char * const *) #endif #ifdef HAVE_POSIX_SPAWN -DUMMY6(posix_spawn, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *) +EXEC_REPL6(posix_spawn, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *) #endif #ifdef HAVE_POSIX_SPAWNP -DUMMY6(posix_spawnp, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *) +EXEC_REPL6(posix_spawnp, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *) #endif /* * system(3) and popen(3). * We can't use a wrapper for popen since it returns FILE *, not int. */ -DUMMY1(system, const char *) +EXEC_REPL1(system, const char *) sudo_dso_public FILE * FN_NAME(popen)(const char *c, const char *t) diff --git a/src/tgetpass.c b/src/tgetpass.c index 7979738e0..5ccb5136e 100644 --- a/src/tgetpass.c +++ b/src/tgetpass.c @@ -379,7 +379,7 @@ getln(int fd, char *buf, size_t bufsiz, bool feedback, if (left == 0) { *errval = TGP_ERRVAL_READERROR; errno = EINVAL; - debug_return_str(NULL); /* sanity */ + debug_return_str(NULL); } while (--left) { |