Fix matching of uids and gids broken in sudo 1.8.9.

MANIFEST

@@ -364,6 +364,10 @@ plugins/sudoers/regress/testsudoers/test4.out.ok
 plugins/sudoers/regress/testsudoers/test4.sh
 plugins/sudoers/regress/testsudoers/test5.out.ok
 plugins/sudoers/regress/testsudoers/test5.sh
+plugins/sudoers/regress/testsudoers/test6.out.ok
+plugins/sudoers/regress/testsudoers/test6.sh
+plugins/sudoers/regress/testsudoers/test7.out.ok
+plugins/sudoers/regress/testsudoers/test7.sh
 plugins/sudoers/regress/visudo/test1.out.ok
 plugins/sudoers/regress/visudo/test1.sh
 plugins/sudoers/regress/visudo/test2.err.ok

plugins/sudoers/match.c

@@ -802,7 +802,7 @@ userpw_matches(const char *sudoers_user, const char *user, const struct passwd *
 
     if (pw != NULL && *sudoers_user == '#') {
 	uid = (uid_t) atoid(sudoers_user + 1, NULL, NULL, &errstr);
-	if (errstr != NULL && uid == pw->pw_uid) {
+	if (errstr == NULL && uid == pw->pw_uid) {
 	    rc = true;
 	    goto done;
 	}
@@ -829,7 +829,7 @@ group_matches(const char *sudoers_group, const struct group *gr)
 
     if (*sudoers_group == '#') {
 	gid = (gid_t) atoid(sudoers_group + 1, NULL, NULL, &errstr);
-	if (errstr != NULL && gid == gr->gr_gid) {
+	if (errstr == NULL && gid == gr->gr_gid) {
 	    rc = true;
 	    goto done;
 	}

plugins/sudoers/regress/testsudoers/test6.out.ok

@@ -0,0 +1,10 @@
+Parses OK.
+
+Entries for user root:
+
+ALL = ALL
+	host  matched
+	runas matched
+	cmnd  allowed
+
+Command allowed

plugins/sudoers/regress/testsudoers/test6.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Verify sudoers matching by uid.
+#
+
+exec 2>&1
+./testsudoers root id <<EOF
+#0 ALL = ALL
+EOF
+
+exit 0

plugins/sudoers/regress/testsudoers/test7.out.ok

@@ -0,0 +1,10 @@
+Parses OK.
+
+Entries for user root:
+
+ALL = ALL
+	host  matched
+	runas matched
+	cmnd  allowed
+
+Command allowed

plugins/sudoers/regress/testsudoers/test7.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Verify sudoers matching by gid.
+#
+
+exec 2>&1
+./testsudoers root id <<EOF
+%#0 ALL = ALL
+EOF
+
+exit 0