isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Linux execve(2) allows argv or envp to be NULL.

Browse Source 
Add checks to make sure we don't deference a NULL pointer.
This commit is contained in:
Todd C. Miller
2022-07-14 09:29:40 -06:00
parent a5ac29219a
commit e5652fc65a
6 changed files with 64 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/exec_intercept.c
View File

@@ -491,7 +491,7 @@ intercept_check_policy_req(PolicyCheckRequest *req,
size_t n;
debug_decl(intercept_check_policy_req, SUDO_DEBUG_EXEC);
if (req->command == NULL || req->n_argv == 0 || req->n_envp == 0) {
if (req->command == NULL || req->n_argv == 0) {
closure->errstr = N_("invalid PolicyCheckRequest");
goto done;
}