[sudo-commits] sudo changeset 14299:29d1380d2fe0
Todd C. Miller
Todd.Miller at sudo.ws
Fri Nov 11 07:11:21 MST 2022
changeset: 14299:29d1380d2fe0 in /raid/repos/sudo
details: https://www.sudo.ws/repos/sudo/rev/29d1380d2fe0
user: Todd C. Miller <Todd.Miller at sudo.ws>
date: Thu Nov 10 14:55:56 2022 -0700
Log Message:
Fix a potential use-after-free bug with cvtsudoers filtering.
In role_to_sudoers() when merging a privilege to the previous one
where the runas lists are the same we need to re-use the runas lists
of the last command in the previous privilege, not the first.
Otherwise, the check in free_cmndspec() will not notice the re-used
runas lists. Reported/analyzed by Sohom Datta. GitHub issue #198.
diffstat:
plugins/sudoers/parse_ldif.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
More information about the sudo-commits
mailing list