[sudo-users] sudo segfaults when talking to ldap
Todd C. Miller
Todd.Miller at courtesan.com
Mon Jun 16 13:42:48 MDT 2014
Looks like a NULL pointer dereference. The following patch may fix
it. I can build you a package with that patch if you tell me whether
you are running amd64 or i386.
- todd
diff -r 6c0cc2def911 plugins/sudoers/ldap.c
--- a/plugins/sudoers/ldap.c Wed Jun 04 11:43:39 2014 -0600
+++ b/plugins/sudoers/ldap.c Mon Jun 16 13:41:02 2014 -0600
@@ -2429,10 +2429,11 @@
rc = ldap_sasl_interactive_bind_s(ld, ldap_conf.binddn, "GSSAPI",
NULL, NULL, LDAP_SASL_QUIET, sudo_ldap_sasl_interact, auth_id);
if (new_ccname != NULL) {
- rc = sudo_set_krb5_ccache_name(old_ccname, NULL);
+ rc = sudo_set_krb5_ccache_name(old_ccname ? old_ccname : "", NULL);
if (rc == 0) {
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
- "restore ccache name %s -> %s", new_ccname, old_ccname);
+ "restore ccache name %s -> %s", new_ccname,az
+ old_ccname ? old_ccname : "(none)");
} else {
sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
"gss_krb5_ccache_name() failed: %d", rc);
More information about the sudo-users
mailing list