[sudo-workers] visudo regression
Daniel Kopecek
dkopecek at redhat.com
Wed Jan 23 07:19:17 EST 2013
Hello,
I've been notified about a regression in the visudo tool in respect to
loops in alias definitions.
The reproducer looks like this:
# cat <<EOF >>/etc/sudoers
User_Alias YYY = FOO
User_Alias XXX = nobody
User_Alias FOO = XXX,YYY
FOO ALL=(ALL) NOPASSWD: ALL
EOF
# visudo -c
visudo: Warning: cycle in User_Alias `FOO'
Segmentation fault (core dumped)
It can be reproduced using the latest (1.8.6p4) release of sudo.
GDB backtrace: http://fpaste.org/3kWC/
Proposed patch:
-------
diff -up sudo-1.8.6p3/plugins/sudoers/visudo.c.cyclesegv sudo-1.8.6p3/plugins/sudoers/visudo.c
--- sudo-1.8.6p3/plugins/sudoers/visudo.c.cyclesegv 2013-01-23 12:15:32.493762418 +0100
+++ sudo-1.8.6p3/plugins/sudoers/visudo.c 2013-01-23 12:40:52.280432614 +0100
@@ -1075,18 +1075,16 @@ alias_remove_recursive(char *name, int t
bool rval = true;
debug_decl(alias_remove_recursive, SUDO_DEBUG_ALIAS)
- if ((a = alias_find(name, type)) != NULL) {
+ if ((a = alias_remove(name, type)) != NULL) {
tq_foreach_fwd(&a->members, m) {
if (m->type == ALIAS) {
if (!alias_remove_recursive(m->name, type))
rval = false;
}
}
+ rbinsert(alias_freelist, a);
}
alias_seqno++;
- a = alias_remove(name, type);
- if (a)
- rbinsert(alias_freelist, a);
debug_return_bool(rval);
}
-------
Dan K.
More information about the sudo-workers
mailing list