isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix potential NULL deref if getpwuid(0) fails.

Browse Source 
Coverity CID 249326
This commit is contained in:
Todd C. Miller
2022-02-15 19:41:31 -07:00
parent 9f695f0fcc
commit 72961fe433
1 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
plugins/sudoers/parse.c
View File

@@ -60,6 +60,8 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw,
CLR(validated, FLAG_NO_HOST);
if (list_pw != NULL) {
root_pw = sudo_getpwuid(ROOT_UID);
if (root_pw == NULL)
log_warningx(SLOG_SEND_MAIL, N_("unknown uid %u"), ROOT_UID);
} else {
SET(validated, FLAG_NO_CHECK);
}
@@ -100,13 +102,17 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw,
}
/* Runas user must match list user or root. */
if (userlist_matches(nss->parse_tree, list_pw,
cs->runasuserlist) == DENY ||
userlist_matches(nss->parse_tree, root_pw,
cs->runasuserlist) != ALLOW)
cs->runasuserlist) == DENY) {
continue;
}
if (root_pw == NULL || userlist_matches(nss->parse_tree,
root_pw, cs->runasuserlist) != ALLOW) {
continue;
}
if (cmnd_matches(nss->parse_tree, cs->cmnd, cs->runchroot,
NULL) == ALLOW)
NULL) == ALLOW) {
match = ALLOW;
}
}
}
}