From c2d93b8c97fcf396dddd3b1c4577fc06bd0f9793 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Thu, 18 Oct 2018 14:24:55 -0600
Subject: [PATCH] Simplify the logic surrounding sudoers_args in
 command_args_match(). We only need to check that sudoers_args is non-NULL
 once. Found by PVS-Studio.

---
 plugins/sudoers/match.c | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/plugins/sudoers/match.c b/plugins/sudoers/match.c
index 71d67fdc9..b3354aabe 100644
--- a/plugins/sudoers/match.c
+++ b/plugins/sudoers/match.c
@@ -413,20 +413,18 @@ command_args_match(const char *sudoers_cmnd, const char *sudoers_args)
      * If no args specified in sudoers, any user args are allowed.
      * If the empty string is specified in sudoers, no user args are allowed.
      */
-    if (!sudoers_args ||
-	(!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)))
+    if (!sudoers_args || (!user_args && !strcmp("\"\"", sudoers_args)))
 	debug_return_bool(true);
+
     /*
      * If args are specified in sudoers, they must match the user args.
      * If running as sudoedit, all args are assumed to be paths.
      */
-    if (sudoers_args) {
-	/* For sudoedit, all args are assumed to be pathnames. */
-	if (strcmp(sudoers_cmnd, "sudoedit") == 0)
-	    flags = FNM_PATHNAME;
-	if (fnmatch(sudoers_args, user_args ? user_args : "", flags) == 0)
-	    debug_return_bool(true);
-    }
+    if (strcmp(sudoers_cmnd, "sudoedit") == 0)
+	flags = FNM_PATHNAME;
+    if (fnmatch(sudoers_args, user_args ? user_args : "", flags) == 0)
+	debug_return_bool(true);
+
     debug_return_bool(false);
 }