Be careful not to deref user_stat if it is NULL. This cannot currently

happen in sudo but might in other programs using the parser.
2011-03-16 15:59:44 -04:00
parent de0df45cc9
commit 092b4b4d02
1 changed files with 3 additions and 2 deletions
--- a/plugins/sudoers/match.c
+++ b/plugins/sudoers/match.c
@@ -580,8 +580,9 @@ command_matches_dir(char *sudoers_dir, size_t dlen)
 	if (strcmp(user_base, dent->d_name) != 0 ||
 	    stat(buf, &sudoers_stat) == -1)
 	    continue;
-	if (user_stat->st_dev == sudoers_stat.st_dev &&
-	    user_stat->st_ino == sudoers_stat.st_ino) {
+	if (user_stat == NULL ||
+	    (user_stat->st_dev == sudoers_stat.st_dev &&
+	    user_stat->st_ino == sudoers_stat.st_ino)) {
 	    efree(safe_cmnd);
 	    safe_cmnd = estrdup(buf);
 	    break;