mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00
Code Issues Releases Wiki Activity

The lower bounds for the "closefrom" option is 3, not 4.

Browse Source 
This is a regression introduced in sudo 1.8.9 with the strtonum()
conversion.  Bug #950.
This commit is contained in:
Todd C. Miller 2020-12-16 18:22:40 -07:00
parent f41b2c1f59
commit 4551b19f6c
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/sudoers/policy.c
View File

@ -178,7 +178,7 @@ sudoers_policy_deserialize_info(void *v)
if (MATCHES(*cur, "closefrom=")) {
errno = 0;
p = *cur + sizeof("closefrom=") - 1;
user_closefrom = sudo_strtonum(p, 4, INT_MAX, &errstr);
user_closefrom = sudo_strtonum(p, 3, INT_MAX, &errstr);
if (user_closefrom == 0) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;