rpms/sudo
7
0
Fork 0
Code Issues Pull Requests Releases Activity

fixed invalid sesh argument array construction

Browse Source
This commit is contained in:
Daniel Kopecek 2016-05-12 09:33:11 +02:00
parent df8acf06e9
commit c0063cebde
2 changed files with 48 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
sudo-1.8.16-seshargsfix.patch Normal file
View File

@ -0,0 +1,41 @@
diff -up sudo-1.8.16/src/selinux.c.seshargsfix sudo-1.8.16/src/selinux.c
--- sudo-1.8.16/src/selinux.c.seshargsfix 2016-03-17 17:13:10.000000000 +0100
+++ sudo-1.8.16/src/selinux.c 2016-05-12 09:29:14.687014460 +0200
@@ -378,7 +378,7 @@ selinux_execve(int fd, const char *path,
{
char **nargv;
const char *sesh;
- int argc, serrno;
+ int argc, nargc, serrno;
debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)
sesh = sudo_conf_sesh_path();
@@ -409,9 +409,7 @@ selinux_execve(int fd, const char *path,
*/
for (argc = 0; argv[argc] != NULL; argc++)
continue;
- if (fd != -1)
- argc++;
- nargv = reallocarray(NULL, argc + 2, sizeof(char *));
+ nargv = reallocarray(NULL, argc + 3, sizeof(char *));
if (nargv == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return;
@@ -420,13 +418,13 @@ selinux_execve(int fd, const char *path,
nargv[0] = *argv[0] == '-' ? "-sesh-noexec" : "sesh-noexec";
else
nargv[0] = *argv[0] == '-' ? "-sesh" : "sesh";
- argc = 1;
- if (fd != -1 && asprintf(&nargv[argc++], "--execfd=%d", fd) == -1) {
+ nargc = 1;
+ if (fd != -1 && asprintf(&nargv[nargc++], "--execfd=%d", fd) == -1) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return;
}
- nargv[argc] = (char *)path;
- memcpy(&nargv[argc + 1], &argv[argc], argc * sizeof(char *)); /* copies NULL */
+ nargv[nargc++] = (char *)path;
+ memcpy(&nargv[nargc], &argv[argc], argc * sizeof(char *)); /* copies NULL */
/* sesh will handle noexec for us. */
sudo_execve(-1, sesh, nargv, envp, false);

8
sudo.spec
View File

@ -1,7 +1,7 @@
Summary: Allows restricted root access for specified users Summary: Allows restricted root access for specified users
Name: sudo Name: sudo
Version: 1.8.16 Version: 1.8.16
Release: 1%{?dist} Release: 2%{?dist}
License: ISC License: ISC
Group: Applications/System Group: Applications/System
URL: http://www.courtesan.com/sudo/ URL: http://www.courtesan.com/sudo/
@ -32,6 +32,8 @@ Patch2: sudo-1.8.14p1-ldapconfpatch.patch
Patch3: sudo-1.8.14p1-docpassexpire.patch Patch3: sudo-1.8.14p1-docpassexpire.patch
# Patch initialize variable before executing sudo_strsplit # Patch initialize variable before executing sudo_strsplit
Patch4: sudo-1.8.14p3-initialization.patch Patch4: sudo-1.8.14p3-initialization.patch
# 1328735 - Weird sudo issue that seems to be selinux related
Patch5: sudo-1.8.16-seshargsfix.patch
%description %description
Sudo (superuser do) allows a system administrator to give certain Sudo (superuser do) allows a system administrator to give certain
@ -60,6 +62,7 @@ plugins that use %{name}.
%patch2 -p1 -b .ldapconfpatch %patch2 -p1 -b .ldapconfpatch
%patch3 -p1 -b .docpassexpire %patch3 -p1 -b .docpassexpire
%patch4 -p1 -b .initialization %patch4 -p1 -b .initialization
%patch5 -p1 -b .seshargsfix
%build %build
# Remove bundled copy of zlib # Remove bundled copy of zlib
@ -198,6 +201,9 @@ rm -rf $RPM_BUILD_ROOT
%{_libexecdir}/sudo/libsudo_util.so %{_libexecdir}/sudo/libsudo_util.so
%changelog %changelog
* Thu May 12 2016 Daniel Kopecek <dkopecek@redhat.com> 1.8.16-2
- fixed invalid sesh argument array construction
* Mon Apr 04 2016 Daniel Kopecek <dkopecek@redhat.com> 1.8.16-1 * Mon Apr 04 2016 Daniel Kopecek <dkopecek@redhat.com> 1.8.16-1
- update to 1.8.16 - update to 1.8.16