diff --git a/MANIFEST b/MANIFEST
index 31b6efaed..8c5a57ae8 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -493,7 +493,8 @@ plugins/sudoers/auth/securid5.c
 plugins/sudoers/auth/sia.c
 plugins/sudoers/auth/sudo_auth.c
 plugins/sudoers/auth/sudo_auth.h
-plugins/sudoers/base64.c
+plugins/sudoers/b64_decode.c
+plugins/sudoers/b64_encode.c
 plugins/sudoers/boottime.c
 plugins/sudoers/bsm_audit.c
 plugins/sudoers/bsm_audit.h
diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c
index 3833eacdc..a4c86209d 100644
--- a/plugins/sudoers/defaults.c
+++ b/plugins/sudoers/defaults.c
@@ -81,6 +81,7 @@ static bool valid_path(struct sudo_defs_types *def, const char *val, const char
 void
 dump_defaults(void)
 {
+#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 struct sudo_defs_types *cur;
 struct list_member *item;
 struct def_values *def;
@@ -164,6 +165,7 @@ dump_defaults(void)
 }
 }
 debug_return;
+#endif /* FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION */
 }
 /*
diff --git a/plugins/sudoers/regress/fuzz/fuzz_sudoers.c b/plugins/sudoers/regress/fuzz/fuzz_sudoers.c
index 6feaa38fa..32032c4a5 100644
--- a/plugins/sudoers/regress/fuzz/fuzz_sudoers.c
+++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers.c
@@ -268,6 +268,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 sudoersrestart(fp);
 sudoersparse();
 reparent_parse_tree(&parse_tree);
+ update_defaults(&parse_tree, NULL, (SETDEF_ALL & ~SETDEF_USER), false);
 if (!parse_error) {
 /* Match user/host/command against parsed policy. */
@@ -278,6 +279,8 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) if (sudo_user.pw == NULL) goto done; + update_defaults(&parse_tree, NULL, SETDEF_USER, false); + sudoers_lookup(&snl, sudo_user.pw, &cmnd_status, false); /* Match again as a pseudo-command (list, validate, etc). */
diff --git a/plugins/sudoers/regress/fuzz/fuzz_sudoers.out.ok b/plugins/sudoers/regress/fuzz/fuzz_sudoers.out.ok
index b46821b46..a55c17292 100644
--- a/plugins/sudoers/regress/fuzz/fuzz_sudoers.out.ok
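Review bot: The new `#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` in plugins/sudoers/defaults.c (opened after the `{` of dump_defaults() in the -81 hunk, closed by the `#endif` in the -164 hunk) leaves the function with an empty body in fuzzing builds, and nothing on the new side says why. Because the guard sits in plugin source rather than in the harness, I would add a comment above it such as `/* Body omitted in fuzzing builds: <reason>. */`, with the reason filled in by the author. It is also worth confirming that only the fuzz build configuration ever defines this macro, since the same pattern around a policy check instead of a dump routine would change what production code does. The middle of dump_defaults() lies outside both hunks.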
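Review bot: Both added update_defaults() calls in LLVMFuzzerTestOneInput() (the -268 and -278 hunks of fuzz_sudoers.c) presumably write the parsed Defaults into process-wide state, and neither hunk shows that state being reset between inputs. If it is not reset elsewhere in the function, settings from one input carry over into the next and a crash may not reproduce from its single test case; resetting at the top of each run (sudo has `init_defaults()`, if the harness does not already call it) keeps iterations independent. The first call also sits before `if (!parse_error)`, so it runs on trees from failed parses, while the second appears to be inside that block; a comment such as `/* Apply Defaults even after a parse error. */` would record that this is intended. The function starts and ends outside both hunks.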
+++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers.out.ok
@@ -368,6 +368,7 @@ user3 ALL = TIMEOUT=10m30ss /usr/bin/id
 sudoers:8:21: invalid timeout value
 user4 ALL = TIMEOUT=14g /usr/bin/id
 ^~~
+fuzz_sudoers: sudoers:2:26: value "2d8h10m59ss" is invalid for option "command_timeout"
 Executed regress/sudoers/test18.in
 Running: regress/sudoers/test19.in
 User root is not allowed to run sudo on localhost.