mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-31 14:25:15 +00:00
Code Issues Releases Wiki Activity

Zero out struct iolog_details early to avoid a potential (though

Browse Source 
unlikely) dereference of stack garbage if we hit a fatal error
before iolog_deserialize_info() is called.
This commit is contained in:
Todd C. Miller
2013-04-16 11:06:55 -04:00
parent f2a007fb91
commit 6c737f043f
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/sudoers/iolog.c
View File

@@ -361,7 +361,6 @@ iolog_deserialize_info(struct iolog_details *details, char * const user_info[],
gid_t runas_gid = 0;
debug_decl(iolog_deserialize_info, SUDO_DEBUG_UTIL)
memset(details, 0, sizeof(*details));
details->lines = 24;
details->cols = 80;
@@ -534,6 +533,8 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
if (argc == 0)
debug_return_bool(true);
memset(&details, 0, sizeof(details));
if (error_setjmp() != 0) {
/* called via error(), errorx() or log_fatal() */
rval = -1;