isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Avoid passing NULL to printf in match debug code for LDAP/SSSD.

Browse Source 
The file name in struct userspec was not set for the LDAP and SSSD
backends.  There is no actual file in this case so set the name to
LDAP/SSSD.  Also add a guard to make sure we don't try to print
NULL in sudoers_lookup_check() if name is left unset.
This commit is contained in:
Todd C. Miller
2020-06-04 11:31:12 -06:00
parent b40551dc32
commit 49e43f580c
3 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/sudoers/parse.c
View File

@@ -161,7 +161,8 @@ sudoers_lookup_check(struct sudo_nss *nss, struct passwd *pw,
*matching_cs = cs;
*defs = &priv->defaults;
sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
"userspec matched @ %s:%d %s", us->file, us->lineno,
"userspec matched @ %s:%d %s",
us->file ? us->file : "???", us->lineno,
cmnd_match ? "allowed" : "denied");
debug_return_int(cmnd_match);
}