From 15fd62f0d5e30f537e444aa4251137f671bdc27c Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Mon, 25 Jul 2022 08:51:49 -0600
Subject: [PATCH] resolve_path: skip non-regular files
---
 src/sudo_intercept.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/src/sudo_intercept.c b/src/sudo_intercept.c
index 48ecc9bc9..2e11faf3e 100644
--- a/src/sudo_intercept.c
+++ b/src/sudo_intercept.c
@@ -104,6 +104,8 @@ resolve_path(const char *cmnd, char *out_cmnd, size_t out_size)
 }
 if (stat(path, &sb) == 0) {
+ if (!S_ISREG(sb.st_mode))
+ continue;
 if (strlcpy(out_cmnd, path, out_size) >= out_size) {
 errval = ENAMETOOLONG;
 break;
@@ -150,6 +152,17 @@ exec_wrapper(const char *cmnd, char * const argv[], char * const envp[],
 debug_return_int(-1);
 }
 cmnd = cmnd_buf;
+ } else {
+ struct stat sb;
+
+ /* Absolute or relative path name. */
+ if (stat(cmnd, &sb) == -1) {
+ /* Leave errno unchanged. */
+ debug_return_int(-1);
+ } else if (!S_ISREG(sb.st_mode)) {
+ errno = EACCES;
+ debug_return_int(-1);
+ }
 }
 # if defined(HAVE___INTERPOSE)
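Review bot: In resolve_path, the new `continue` for a non-regular file skips the PATH entry without recording any error, while the exec_wrapper hunk in this same commit reports `EACCES` for the identical condition. If `errval` is what the function reports when no entry matches (the end of the loop is outside the hunk), a directory that shadows the command name would surface as whatever default `errval` holds rather than the `EACCES` that execve(2) gives for a non-regular file. Consider `if (!S_ISREG(sb.st_mode)) { errval = EACCES; continue; }`, provided a later successful match does not return `errval`.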
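Review bot: The `stat(cmnd, &sb)` pre-check in the new `else` branch of exec_wrapper examines the path by name and follows symlinks, so the object it inspects is not bound to the object that is eventually executed if the path changes in between. The exec call itself lies outside the hunk, so this is inferred, but the check reads as a way to reproduce execve(2)'s errno rather than as an enforcement point. A comment saying so would keep later readers from relying on it, for example `/* Advisory check to match execve(2) errno; not a guarantee about the file that is finally executed. */` above the `stat()` call.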