packages/sudo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!110 [sync] PR-107: Backport patche from upstream community

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee
This commit is contained in:
openeuler-ci-bot 2023-11-27 01:58:57 +00:00 committed by Gitee
commit 05637957da
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 30 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
backport-Set-command_info-to-NULL-once-it-is-freed.patch Normal file
View File

@ -0,0 +1,25 @@
From 0bb41ed82a5849b0c64d7046662825d84e983e4d Mon Sep 17 00:00:00 2001
From: Rose <83477269+AtariDreams@users.noreply.github.com>
Date: Mon, 26 Jun 2023 15:08:51 -0400
Subject: [PATCH] Set command_info to NULL once it is freed
The lack of setting to NULL is a holdover from when command_info was a local variable and not a global one. However, we given how other global variables are set to NULL, it is best that we do the same here to avoid potential issues should sudoers_policy_store_result be called again after the first time failed, otherwise we could get a double-free.
---
plugins/sudoers/policy.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/plugins/sudoers/policy.c b/plugins/sudoers/policy.c
index 7157fab2b..f018caca2 100644
--- a/plugins/sudoers/policy.c
+++ b/plugins/sudoers/policy.c
@@ -1054,6 +1054,7 @@ bad:
while (info_len--)
free(command_info[info_len]);
free(command_info);
+ command_info = NULL;
debug_return_bool(false);
}
--
2.23.0

6
sudo.spec
View File

@ -1,6 +1,6 @@
Name: sudo Name: sudo
Version: 1.9.8p2 Version: 1.9.8p2
Release: 13 Release: 14
Summary: Allows restricted root access for specified users Summary: Allows restricted root access for specified users
License: ISC License: ISC
URL: http://www.courtesan.com/sudo/ URL: http://www.courtesan.com/sudo/
@ -37,6 +37,7 @@ Patch23: backport-sudoers_main-defer-setting-return-value-until-the-en.patch
Patch24: backport-sudo_putenv_nodebug-require-that-the-environment-str.patch Patch24: backport-sudo_putenv_nodebug-require-that-the-environment-str.patch
Patch25: backport-Linux-execve-2-allows-argv-or-envp-to-be-NULL.patch Patch25: backport-Linux-execve-2-allows-argv-or-envp-to-be-NULL.patch
Patch26: backport-Fix-potential-NULL-pointer-deference-found-by-clang-.patch Patch26: backport-Fix-potential-NULL-pointer-deference-found-by-clang-.patch
Patch27: backport-Set-command_info-to-NULL-once-it-is-freed.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: pam Requires: pam
@ -187,6 +188,9 @@ install -p -c -m 0644 %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/sudo-i
%exclude %{_pkgdocdir}/ChangeLog %exclude %{_pkgdocdir}/ChangeLog
%changelog %changelog
* Mon Aug 07 2023 zhoushuiqing <zhoushuiqing2@huawei.com> - 1.9.8p2-14
- Backport patche from upstream community
* Tue Jun 13 2023 zhoushuiqing <zhoushuiqing2@huawei.com> - 1.9.8p2-13 * Tue Jun 13 2023 zhoushuiqing <zhoushuiqing2@huawei.com> - 1.9.8p2-13
- Backport patches from upstream community - Backport patches from upstream community