From 322e0b3693fa43d281ffe082a1e08e523e8dd17f Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Mon, 22 Feb 2021 19:53:08 -0700
Subject: [PATCH] Return NOT_FOUND from the set_cmnd_path() stub since we don't
 set user_cmnd. The purpose of set_cmnd_path() is to reset user_cmnd based on
 a new runchroot.  For the stub version we don't modify user_cmnd and so must
 not return a status of FOUND. Fixes oss-fuzz issue #31250 which only affected
 the fuzzer and not sudo.

---
 plugins/sudoers/stubs.c       | 3 ++-
 plugins/sudoers/testsudoers.c | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/plugins/sudoers/stubs.c b/plugins/sudoers/stubs.c
index fb1e975af..fcb0889d8 100644
--- a/plugins/sudoers/stubs.c
+++ b/plugins/sudoers/stubs.c
@@ -84,7 +84,8 @@ get_interfaces(void)
 int
 set_cmnd_path(const char *runchroot)
 {
-    return FOUND;
+    /* Cannot return FOUND without also setting user_cmnd to a new value. */
+    return NOT_FOUND;
 }
 
 /* STUB */
diff --git a/plugins/sudoers/testsudoers.c b/plugins/sudoers/testsudoers.c
index ebe489e57..a5342edb8 100644
--- a/plugins/sudoers/testsudoers.c
+++ b/plugins/sudoers/testsudoers.c
@@ -502,7 +502,8 @@ init_eventlog_config(void)
 int
 set_cmnd_path(const char *runchroot)
 {
-    return FOUND;
+    /* Cannot return FOUND without also setting user_cmnd to a new value. */
+    return NOT_FOUND;
 }
 
 static bool