mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-09-05 08:45:28 +00:00
Code Issues Releases Wiki Activity

sudo -i: missing NULL terminator when moving argv to make room for --login

Browse Source 
Fixes a potential crash for "sudo -i" when the target user has bash
as the shell (which needs the --login option).  Bug #998.
This commit is contained in:
Todd C. Miller
2021-09-19 13:58:56 -06:00
parent 518bc1b25f
commit 7ab66eb3a8
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/sudoers/sudoers.c
View File

@@ -725,7 +725,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
if (NewArgc > 1 && strcmp(NewArgv[0], "-bash") == 0 &&
strcmp(NewArgv[1], "-c") == 0) {
/* We allocated extra space for the --login above. */
memmove(&NewArgv[2], &NewArgv[1], sizeof(char *) * (NewArgc - 1));
memmove(&NewArgv[2], &NewArgv[1], sizeof(char *) * NewArgc);
NewArgv[1] = "--login";
NewArgc++;
}