sudoers_lookup_check: preserve intercepted flag when reinitializing cmnd_info

Otherwise we may not reject an attempt to run a set-user-ID command.
This commit is contained in:
Todd C. Miller
2022-05-03 09:30:09 -06:00
parent 3ee8bcefb0
commit 4d75b32799


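--- a/PATH_NOT_ON_PAGE
+++ b/PATH_NOT_ON_PAGE
@@ -131,6 +131,14 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw,
 debug_return_int(validated);
 }
+static void
+init_cmnd_info(struct cmnd_info *info)
+{
+memset(info, 0, sizeof(*info));
+if (def_intercept || ISSET(sudo_mode, MODE_POLICY_INTERCEPTED))
+info->intercepted = true;
+}
 static int
 sudoers_lookup_check(struct sudo_nss *nss, struct passwd *pw,
 int *validated, struct cmnd_info *info, struct cmndspec **matching_cs,
@@ -143,9 +151,7 @@ sudoers_lookup_check(struct sudo_nss *nss, struct passwd *pw,
 struct member *matching_user;
 debug_decl(sudoers_lookup_check, SUDOERS_DEBUG_PARSER);
-memset(info, 0, sizeof(*info));
-if (def_intercept || ISSET(sudo_mode, MODE_POLICY_INTERCEPTED))
-info->intercepted = true;
+init_cmnd_info(info);
 TAILQ_FOREACH_REVERSE(us, &nss->parse_tree->userspecs, userspec_list, entries) {
 if (userlist_matches(nss->parse_tree, pw, &us->users) != ALLOW)
@@ -193,7 +199,7 @@ sudoers_lookup_check(struct sudo_nss *nss, struct passwd *pw,
 debug_return_int(cmnd_match);
 }
 free(info->cmnd_path);
-memset(info, 0, sizeof(*info));
+init_cmnd_info(info);
 }
 }
 }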
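Review bot: init_cmnd_info in the first hunk carries no comment stating its contract, and because it zeroes the whole struct without releasing anything, a caller holding an allocated info->cmnd_path must free it first, exactly as the third hunk does with `free(info->cmnd_path);` immediately before the call. I would add above the helper: `/* Reset info to its initial state.  Does not free info->cmnd_path; the caller must do so.  Keeps intercepted set so a set-user-ID command is still rejected in intercept mode. */`. The same helper is also called at the top of sudoers_lookup_check in the second hunk, where the old memset had the same precondition, so that call is not a regression but benefits from the same documented contract. The body of sudoers_lookup_check continues outside these hunks.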