isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rewind the fd after calling sudo_filedigest(). Otherwise, when

Browse Source 
running a script via fexecve(), the interpreter may get EOF when
reading /dev/fd/N.  This only appears to affect BSD systems with
fdescfs.  Bug #831.
This commit is contained in:
Todd C. Miller
2018-04-23 20:43:04 -06:00
parent 6e22da3412
commit 64c78a61cb
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/sudoers/match.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 1998-2005, 2007-2017
* Copyright (c) 1996, 1998-2005, 2007-2018
* Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
@@ -785,6 +785,7 @@ digest_matches(int fd, const char *file, const struct sudo_digest *sd)
debug_decl(digest_matches, SUDOERS_DEBUG_MATCH)
file_digest = sudo_filedigest(fd, file, sd->digest_type, &digest_len);
lseek(fd, SEEK_SET, (off_t)0);
if (file_digest == NULL) {
/* Warning (if any) printed by sudo_filedigest() */
goto done;