Don't try to audit failure if the runas user does not exist. We don't

have the user's command at this point so there is nothing to audit. Add a NULL check in audit_success() and audit_failure() just to be on the safe side.
2025-08-31 14:25:15 +00:00 · 2011-07-27 12:11:33 -04:00
parent 8ebf7a95cf
commit 35d26ae34f
2 changed files with 8 additions and 4 deletions
--- a/plugins/sudoers/audit.c
+++ b/plugins/sudoers/audit.c
@@ -41,6 +41,9 @@
 void
 audit_success(char *exec_args[])
 {
+    if (exec_args == NULL)
+	return;
+
 #ifdef HAVE_BSM_AUDIT
    bsm_audit_success(exec_args);
 #endif
@@ -50,10 +53,13 @@ audit_success(char *exec_args[])
 }

 void
-audit_failure(char **exec_args, char const *const fmt, ...)
+audit_failure(char *exec_args[], char const *const fmt, ...)
 {
    va_list ap;

+    if (exec_args == NULL)
+	return;
+
    va_start(ap, fmt);
 #ifdef HAVE_BSM_AUDIT
    bsm_audit_failure(exec_args, fmt, ap);
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -1066,12 +1066,10 @@ set_runaspw(char *user)
 	if ((runas_pw = sudo_getpwuid(atoi(user + 1))) == NULL)
 	    runas_pw = sudo_fakepwnam(user, runas_gr ? runas_gr->gr_gid : 0);
    } else {
-	if ((runas_pw = sudo_getpwnam(user)) == NULL) {
-	    audit_failure(NewArgv, _("unknown user: %s"), user);
+	if ((runas_pw = sudo_getpwnam(user)) == NULL)
 	    log_error(NO_MAIL|MSG_ONLY, _("unknown user: %s"), user);
    }
 }
-}

 /*
 * Get group entry for the group we are going to run commands as