mirror of https://github.com/sudo-project/sudo.git synced 2025-09-02 15:25:58 +00:00

For the audit plugin, command_info may be NULL.

Fixes a NULL dereference in sudoers_audit when an I/O logging
plugin rejects input/output or returns an error.
Todd C. Miller
2020-11-17 13:04:57 -07:00
parent e4a2765cce
commit 27615b5582
3 changed files with 42 additions and 34 deletions

@@ -16,7 +16,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" .\"
.TH "SUDO_PLUGIN" "5" "November 2, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .TH "SUDO_PLUGIN" "5" "November 17, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
.nh .nh
.if n .ad l .if n .ad l
.SH "NAME" .SH "NAME"
@@ -3074,7 +3074,8 @@ functions will
be called. be called.
.TP 6n .TP 6n
command_info command_info
A vector of information describing the command being run in the form of An optional
vector of information describing the command being run in the form of
\(lqname=value\(rq \(lqname=value\(rq
strings. strings.
The vector is terminated by a The vector is terminated by a
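Review bot: "An optional vector" in this command_info entry can be read as an empty vector that holds only its terminator, because the next sentence still says "The vector is terminated by a". The commit subject says command_info may be NULL; the entry should say that in those words so plugin authors check the pointer itself before walking the vector.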
@@ -3188,7 +3189,8 @@ will be the
pointer. pointer.
.TP 6n .TP 6n
command_info command_info
A vector of information describing the command being run in the form of An optional
vector of information describing the command being run in the form of
\(lqname=value\(rq \(lqname=value\(rq
strings. strings.
The vector is terminated by a The vector is terminated by a
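Review bot: This command_info entry gains "An optional" but does not say when the vector is absent. The commit message ties the NULL case to an I/O logging plugin rejecting input/output or returning an error; naming that condition here would tell audit plugin authors which calls can arrive without command details.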
@@ -3272,7 +3274,8 @@ will be the
pointer. pointer.
.TP 6n .TP 6n
command_info command_info
A vector of information describing the command being run in the form of An optional
vector of information describing the command being run in the form of
\(lqname=value\(rq \(lqname=value\(rq
strings. strings.
The vector is terminated by a The vector is terminated by a

@@ -15,7 +15,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" .\"
.Dd November 2, 2020 .Dd November 17, 2020
.Dt SUDO_PLUGIN @mansectform@ .Dt SUDO_PLUGIN @mansectform@
.Os Sudo @PACKAGE_VERSION@ .Os Sudo @PACKAGE_VERSION@
.Sh NAME .Sh NAME
@@ -2741,7 +2741,8 @@ functions will
.Em both .Em both
be called. be called.
.It command_info .It command_info
A vector of information describing the command being run in the form of An optional
vector of information describing the command being run in the form of
.Dq name=value .Dq name=value
strings. strings.
The vector is terminated by a The vector is terminated by a
@@ -2842,7 +2843,8 @@ will be the
.Dv NULL .Dv NULL
pointer. pointer.
.It command_info .It command_info
A vector of information describing the command being run in the form of An optional
vector of information describing the command being run in the form of
.Dq name=value .Dq name=value
strings. strings.
The vector is terminated by a The vector is terminated by a
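Review bot: The added "An optional" wording for command_info avoids the word NULL, while the context lines just above it in this hunk already write ".Dv NULL" followed by "pointer." for an argument that is not set. Reusing that markup for command_info would keep the page's terminology consistent.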
@@ -2914,7 +2916,8 @@ will be the
.Dv NULL .Dv NULL
pointer. pointer.
.It command_info .It command_info
A vector of information describing the command being run in the form of An optional
vector of information describing the command being run in the form of
.Dq name=value .Dq name=value
strings. strings.
The vector is terminated by a The vector is terminated by a

@@ -201,6 +201,7 @@ audit_to_eventlog(struct eventlog *evlog, char * const command_info[],
sudoers_to_eventlog(evlog, run_argv, run_envp); sudoers_to_eventlog(evlog, run_argv, run_envp);
/* Update iolog and execution environment from command_info[]. */ /* Update iolog and execution environment from command_info[]. */
if (command_info != NULL) {
for (cur = command_info; *cur != NULL; cur++) { for (cur = command_info; *cur != NULL; cur++) {
switch (**cur) { switch (**cur) {
case 'c': case 'c':
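Review bot: With the new "if (command_info != NULL) {" guard, a NULL vector skips the whole "Update iolog and execution environment" loop, so evlog keeps only what sudoers_to_eventlog(evlog, run_argv, run_envp) filled in. The comment above the guard should say that this is expected when no command details are passed. A regression test that calls audit_to_eventlog with command_info set to NULL would also help, since the change touches only two manual pages and this source file.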
@@ -230,6 +231,7 @@ audit_to_eventlog(struct eventlog *evlog, char * const command_info[],
break; break;
} }
} }
}
debug_return; debug_return;
} }
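Review bot: The closing brace added just before "debug_return;" shows that the guard wraps the entire loop and that nothing follows it. An early exit at the top of the block, such as "if (command_info == NULL) debug_return;", would avoid the extra nesting level and keep the loop body at its existing indentation.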