From 097bec06bde61440dbf855defbb9b70f0e73524b Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Fri, 3 Nov 2023 11:29:20 -0600
Subject: [PATCH] sudo_conf_debug_files: special handling of DSO members for
 AIX

When matching debug files for AIX-style DSOs like sudoers.a(sudoers.so)
we want to match on the full name, the name without the member and
on the member itself.  This makes it possible to use the existing
examples in the sudo.conf fiile on AIX.
---
 lib/util/sudo_conf.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/lib/util/sudo_conf.c b/lib/util/sudo_conf.c
index f884baa0b..be22e4505 100644
--- a/lib/util/sudo_conf.c
+++ b/lib/util/sudo_conf.c
@@ -40,6 +40,9 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <limits.h>
+#ifdef HAVE_DLOPEN
+# include <dlfcn.h>
+#endif
 
 #define SUDO_ERROR_WRAP	0
 
@@ -542,6 +545,28 @@ sudo_conf_debug_files_v1(const char *progname)
 	}
 	if (strcmp(debug_spec->progname, prog) == 0)
 	    debug_return_ptr(&debug_spec->debug_files);
+
+#ifdef RTLD_MEMBER
+	/* Handle names like sudoers.a(sudoers.so) for AIX. */
+	const char *cp = strchr(prog, '(');
+	const char *ep = strchr(prog, ')');
+	if (cp != NULL && ep != NULL) {
+	    /* Match on the program name without the member. */
+	    size_t len = (size_t)(cp - prog);
+	    if (strncmp(debug_spec->progname, prog, len) == 0 &&
+		    debug_spec->progname[len] == '\0') {
+		debug_return_ptr(&debug_spec->debug_files);
+	    }
+
+	    /* Match on the member itself. */
+	    cp++;
+	    len = (size_t)(ep - cp);
+	    if (strncmp(debug_spec->progname, cp, len) == 0 &&
+		    debug_spec->progname[len] == '\0') {
+		debug_return_ptr(&debug_spec->debug_files);
+	    }
+	}
+#endif
     }
     debug_return_ptr(NULL);
 }