fixed invalid sesh argument array construction
This commit is contained in:
Daniel Kopecek
parent
df8acf06e9
commit
c0063cebde
41
sudo-1.8.16-seshargsfix.patch
Normal file
41
sudo-1.8.16-seshargsfix.patch
Normal file
@ -0,0 +1,41 @@
|
||||
diff -up sudo-1.8.16/src/selinux.c.seshargsfix sudo-1.8.16/src/selinux.c
|
||||
--- sudo-1.8.16/src/selinux.c.seshargsfix 2016-03-17 17:13:10.000000000 +0100
|
||||
+++ sudo-1.8.16/src/selinux.c 2016-05-12 09:29:14.687014460 +0200
|
||||
@@ -378,7 +378,7 @@ selinux_execve(int fd, const char *path,
|
||||
{
|
||||
char **nargv;
|
||||
const char *sesh;
|
||||
- int argc, serrno;
|
||||
+ int argc, nargc, serrno;
|
||||
debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)
|
||||
|
||||
sesh = sudo_conf_sesh_path();
|
||||
@@ -409,9 +409,7 @@ selinux_execve(int fd, const char *path,
|
||||
*/
|
||||
for (argc = 0; argv[argc] != NULL; argc++)
|
||||
continue;
|
||||
- if (fd != -1)
|
||||
- argc++;
|
||||
- nargv = reallocarray(NULL, argc + 2, sizeof(char *));
|
||||
+ nargv = reallocarray(NULL, argc + 3, sizeof(char *));
|
||||
if (nargv == NULL) {
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
debug_return;
|
||||
@@ -420,13 +418,13 @@ selinux_execve(int fd, const char *path,
|
||||
nargv[0] = *argv[0] == '-' ? "-sesh-noexec" : "sesh-noexec";
|
||||
else
|
||||
nargv[0] = *argv[0] == '-' ? "-sesh" : "sesh";
|
||||
- argc = 1;
|
||||
- if (fd != -1 && asprintf(&nargv[argc++], "--execfd=%d", fd) == -1) {
|
||||
+ nargc = 1;
|
||||
+ if (fd != -1 && asprintf(&nargv[nargc++], "--execfd=%d", fd) == -1) {
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
debug_return;
|
||||
}
|
||||
- nargv[argc] = (char *)path;
|
||||
- memcpy(&nargv[argc + 1], &argv[argc], argc * sizeof(char *)); /* copies NULL */
|
||||
+ nargv[nargc++] = (char *)path;
|
||||
+ memcpy(&nargv[nargc], &argv[argc], argc * sizeof(char *)); /* copies NULL */
|
||||
|
||||
/* sesh will handle noexec for us. */
|
||||
sudo_execve(-1, sesh, nargv, envp, false);
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: Allows restricted root access for specified users
|
||||
Name: sudo
|
||||
Version: 1.8.16
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
License: ISC
|
||||
Group: Applications/System
|
||||
URL: http://www.courtesan.com/sudo/
|
||||
@ -32,6 +32,8 @@ Patch2: sudo-1.8.14p1-ldapconfpatch.patch
|
||||
Patch3: sudo-1.8.14p1-docpassexpire.patch
|
||||
# Patch initialize variable before executing sudo_strsplit
|
||||
Patch4: sudo-1.8.14p3-initialization.patch
|
||||
# 1328735 - Weird sudo issue that seems to be selinux related
|
||||
Patch5: sudo-1.8.16-seshargsfix.patch
|
||||
|
||||
%description
|
||||
Sudo (superuser do) allows a system administrator to give certain
|
||||
@ -60,6 +62,7 @@ plugins that use %{name}.
|
||||
%patch2 -p1 -b .ldapconfpatch
|
||||
%patch3 -p1 -b .docpassexpire
|
||||
%patch4 -p1 -b .initialization
|
||||
%patch5 -p1 -b .seshargsfix
|
||||
|
||||
%build
|
||||
# Remove bundled copy of zlib
|
||||
@ -198,6 +201,9 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_libexecdir}/sudo/libsudo_util.so
|
||||
|
||||
%changelog
|
||||
* Thu May 12 2016 Daniel Kopecek <dkopecek@redhat.com> 1.8.16-2
|
||||
- fixed invalid sesh argument array construction
|
||||
|
||||
* Mon Apr 04 2016 Daniel Kopecek <dkopecek@redhat.com> 1.8.16-1
|
||||
- update to 1.8.16
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user