[sudo-workers] Getcwd failure

[Tomas Sykora]

Hi,

our customer has reported a segmentation fault in the sudo command. The backtrace:

~~~
#0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp.S:1455
#1  0x00007feb3dc86817 in exec_setup (details=0x7fff7bbebe50, ptyname=<value optimized out>, ptyfd=-1) at ./sudo.c:1087
#2  0x00007feb3dc7f8d5 in fork_cmnd (details=0x7fff7bbebe50, cstat=0x7fff7bbebcf0) at ./exec.c:147
#3  sudo_execute (details=0x7fff7bbebe50, cstat=0x7fff7bbebcf0) at ./exec.c:384
#4  0x00007feb3dc87d20 in run_command (details=0x7fff7bbebe50) at ./sudo.c:1116
#5  0x00007feb3dc88d45 in main (argc=<value optimized out>, argv=<value optimized out>, envp=0x7fff7bbec070) at ./sudo.c:301

(gdb) f 1
#1  0x00007feb3dc86817 in exec_setup (details=0x7fff7bbebe50, ptyname=<value optimized out>, ptyfd=-1) at ./sudo.c:1087

(gdb) p user_details
$1 = {pid = 31771, ppid = 27279, pgid = 31771, tcpgid = 31771, sid = 27279, uid = 12003, euid = 0, gid = 4200, egid = 4200, 
  username = 0x7feb3ed8e8f5 "migusr003t", cwd = 0x0, tty = 0x7feb3ed8e934 "/dev/pts/7", host = 0x7feb3ed8f665 "fextdb01", 
  shell = 0x7feb3ed8e910 "/bin/bash", groups = 0x7feb3ed8f620, ngroups = 1, ts_cols = 141, ts_lines = 37}
(gdb) 
~~~

This problem occured in quite older version of sudo and we didn't have a reproducer for this. We solved it with this patch:

~~~
diff --git a/src/sudo.c b/src/sudo.c
index 0606a19..894d606 100644
--- a/src/sudo.c
+++ b/src/sudo.c
@@ -574,6 +574,9 @@ get_user_info(struct user_details *ud)
            goto oom;
        ud->cwd = user_info[i] + sizeof("cwd=") - 1;
     }   
+    else {
+       sudo_fatalx(U_("unable to resolve current working directory"));
+    }
 
     if (get_process_ttyname(path, sizeof(path)) != NULL) {
        user_info[++i] = sudo_new_key_val("tty", path);
~~~

The reasoning behind this patch is that there is nothing much that can be done from within sudo if getcwd fails. As we still use this patch, would it be possible to accept this in upstream?

Thank you, 
Tomas Sykora