From 245c56bac1edc228983f0c4b9077de4328dde9c3 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Mon, 5 Jun 2023 16:03:03 -0600
Subject: [PATCH] Only call ptrace_verify_post_exec() for intercept, not log_subcmds.
---
 src/exec_ptrace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/exec_ptrace.c b/src/exec_ptrace.c
index 89c10389c..201c5f8a9 100644
--- a/src/exec_ptrace.c
+++ b/src/exec_ptrace.c
@@ -1936,7 +1936,7 @@ ptrace_intercept_execve(pid_t pid, struct intercept_closure *closure)
 }
 }
 if (closure->state == POLICY_ACCEPT) {
- if (ISSET(closure->details->flags, CD_INTERCEPT_VERIFY)) {
+ if (ISSET(closure->details->flags, CD_INTERCEPT|CD_INTERCEPT_VERIFY)) {
 /* Verify execve(2) args post-exec. */
 if (!ptrace_verify_post_exec(pid, ®s, closure)) {
 if (errno != ESRCH)
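Review bot: The new condition `ISSET(closure->details->flags, CD_INTERCEPT|CD_INTERCEPT_VERIFY)` probably does not require both flags. ISSET is not defined on this page, but if it is the usual any-bit test `((t) & (f))`, the branch is taken when either bit is set. In that case ptrace_verify_post_exec() would still run for log_subcmds whenever CD_INTERCEPT_VERIFY is set, which is what the subject line says should stop, and it would also run in intercept mode with verification disabled. An all-bits comparison states the intent: `if ((closure->details->flags & (CD_INTERCEPT|CD_INTERCEPT_VERIFY)) == (CD_INTERCEPT|CD_INTERCEPT_VERIFY)) {`. A short comment saying the post-exec check of the execve(2) arguments applies only to intercept mode would also help, since this gate decides when that check is skipped; the function body continues outside the hunk.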