isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

In sudoers_main() avoid setting rval prematurely. Prevents a crash

Browse Source 
when auditing fails after successfully authenticating.  Bug #756
This commit is contained in:
Todd C. Miller
2016-09-05 19:44:46 -06:00
parent 43084d8f91
commit b80309e6d8
1 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
plugins/sudoers/sudoers.c
View File

@@ -415,13 +415,19 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
goto bad; goto bad;
/* Require a password if sudoers says so. */ /* Require a password if sudoers says so. */
rval = check_user(validated, sudo_mode); switch (check_user(validated, sudo_mode)) {
if (rval != true) { case true:
/* user authenticated successfully. */
break;
case false:
/* Note: log_denial() calls audit for us. */ /* Note: log_denial() calls audit for us. */
if (!ISSET(validated, VALIDATE_SUCCESS)) { if (!ISSET(validated, VALIDATE_SUCCESS)) {
if (!log_denial(validated, false)) if (!log_denial(validated, false))
rval = -1; goto done;
} }
goto bad;
default:
/* some other error, rval is -1. */
goto done; goto done;
} }