mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 09:57:41 +00:00
Code Issues Releases Wiki Activity

Merge sudo 1.9.17p2 from branch 'main' into sudo-1.9

Browse Source
This commit is contained in:
Todd C. Miller 2025-07-24 20:22:10 -06:00
commit d1b48c651c
17 changed files with 113 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
MANIFEST
View File

@ -859,6 +859,8 @@ plugins/sudoers/regress/cvtsudoers/test4.out.ok
plugins/sudoers/regress/cvtsudoers/test4.sh plugins/sudoers/regress/cvtsudoers/test4.sh
plugins/sudoers/regress/cvtsudoers/test40.out.ok plugins/sudoers/regress/cvtsudoers/test40.out.ok
plugins/sudoers/regress/cvtsudoers/test40.sh plugins/sudoers/regress/cvtsudoers/test40.sh
plugins/sudoers/regress/cvtsudoers/test41.out.ok
plugins/sudoers/regress/cvtsudoers/test41.sh
plugins/sudoers/regress/cvtsudoers/test5.out.ok plugins/sudoers/regress/cvtsudoers/test5.out.ok
plugins/sudoers/regress/cvtsudoers/test5.sh plugins/sudoers/regress/cvtsudoers/test5.sh
plugins/sudoers/regress/cvtsudoers/test6.out.ok plugins/sudoers/regress/cvtsudoers/test6.out.ok
@ -1030,6 +1032,12 @@ plugins/sudoers/regress/sudoers/test30.ldif2sudo.ok
plugins/sudoers/regress/sudoers/test30.out.ok plugins/sudoers/regress/sudoers/test30.out.ok
plugins/sudoers/regress/sudoers/test30.sudo.ok plugins/sudoers/regress/sudoers/test30.sudo.ok
plugins/sudoers/regress/sudoers/test30.toke.ok plugins/sudoers/regress/sudoers/test30.toke.ok
plugins/sudoers/regress/sudoers/test31.in
plugins/sudoers/regress/sudoers/test31.json.ok
plugins/sudoers/regress/sudoers/test31.ldif.ok
plugins/sudoers/regress/sudoers/test31.ldif2sudo.ok
plugins/sudoers/regress/sudoers/test31.out.ok
plugins/sudoers/regress/sudoers/test31.toke.ok
plugins/sudoers/regress/sudoers/test4.in plugins/sudoers/regress/sudoers/test4.in
plugins/sudoers/regress/sudoers/test4.json.ok plugins/sudoers/regress/sudoers/test4.json.ok
plugins/sudoers/regress/sudoers/test4.ldif.ok plugins/sudoers/regress/sudoers/test4.ldif.ok

15
Makefile.in
View File

@ -248,14 +248,7 @@ depend: siglist.c signame.c tsgetusershell.c
# The CODEOWNERS file is not present in the release tarball. # The CODEOWNERS file is not present in the release tarball.
ChangeLog: ChangeLog:
if test -f $(srcdir)/docs/CODEOWNERS; then \ if test -f $(srcdir)/docs/CODEOWNERS; then \
if test -d $(srcdir)/.hg && hg -R $(srcdir) identify -ibt >stamp-$@.tmp 2>&1; then \ if test -d $(srcdir)/.git && git --git-dir $(srcdir)/.git describe --tags >stamp-$@.tmp 2>&1; then \
cmp stamp-$@.tmp stamp-$@ >/dev/null 2>&1 || { \
mv -f stamp-$@.tmp stamp-$@; \
if hg log -R $(srcdir) --template=changelog -r "sort(branch(.) or follow(), -date)" > $@.tmp; then \
mv -f $@.tmp $(srcdir)/$@; \
fi; \
}; \
elif test -d $(srcdir)/.git && git --git-dir $(srcdir)/.git describe --tags >stamp-$@.tmp 2>&1; then \
cmp stamp-$@.tmp stamp-$@ >/dev/null 2>&1 || { \ cmp stamp-$@.tmp stamp-$@ >/dev/null 2>&1 || { \
mv -f stamp-$@.tmp stamp-$@; \ mv -f stamp-$@.tmp stamp-$@; \
if $(scriptdir)/log2cl.pl -R $(srcdir)/.git > $@.tmp; then \ if $(scriptdir)/log2cl.pl -R $(srcdir)/.git > $@.tmp; then \
@ -385,10 +378,10 @@ mkdefaults:
cd plugins/sudoers && exec $(MAKE) DEVEL=1 ./def_data.c ./def_data.h cd plugins/sudoers && exec $(MAKE) DEVEL=1 ./def_data.c ./def_data.h
check-dist: update-pot compile-po mkdefaults check-dist: update-pot compile-po mkdefaults
@if test -d $(srcdir)/.hg && cd $(srcdir); then \ @if test -d $(srcdir)/.git && cd $(srcdir); then \
if test `hg stat -am | wc -l` -ne 0; then \ if git status -s | grep -q '^ *M'; then \
echo "Uncommitted changes" 1>&2; \ echo "Uncommitted changes" 1>&2; \
hg stat -am 1>&2; \ git status -s | grep '^ *M'; \
exit 1; \ exit 1; \
fi; \ fi; \
fi fi

19
NEWS
View File

@ -1,3 +1,22 @@
What's new in Sudo 1.9.17p2
* Fixed a bug introduced in sudo 1.9.16 that could result in sudo
sending SIGHUP to all processes on the system in certain rare
cases. The bug could manifest if sudo is running a command in
a pseudo-terminal, sudo terminates the command due to an internal
error, and the user's terminal is revoked. GitHub issue #458.
* Fixed a bug introduced in sudo 1.9.12 that caused sudo to abort
when the "intercept" and "intercept_verify" options are enabled
in sudoers and either the command line arguments or the environment
contains a string larger than the page size (usually 4096). This
only Linux affects systems that support the ptrace_readv_string()
function. GitHub issue #453.
* Fixed a bug in sudo's configure script introduced in sudo 1.9.17
that prevented mdoc-format man pages from being used on systems
without the mandoc utility. Bug #1077.
What's new in Sudo 1.9.17p1 What's new in Sudo 1.9.17p1
* Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified * Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified

20
configure vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh #! /bin/sh
# Guess values for system-dependent variables and create Makefiles. # Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.72 for sudo 1.9.17p1. # Generated by GNU Autoconf 2.72 for sudo 1.9.17p2.
# #
# Report bugs to <https://bugzilla.sudo.ws/>. # Report bugs to <https://bugzilla.sudo.ws/>.
# #
@ -614,8 +614,8 @@ MAKEFLAGS=
# Identity of this package. # Identity of this package.
PACKAGE_NAME='sudo' PACKAGE_NAME='sudo'
PACKAGE_TARNAME='sudo' PACKAGE_TARNAME='sudo'
PACKAGE_VERSION='1.9.17p1' PACKAGE_VERSION='1.9.17p2'
PACKAGE_STRING='sudo 1.9.17p1' PACKAGE_STRING='sudo 1.9.17p2'
PACKAGE_BUGREPORT='https://bugzilla.sudo.ws/' PACKAGE_BUGREPORT='https://bugzilla.sudo.ws/'
PACKAGE_URL='' PACKAGE_URL=''
@ -1651,7 +1651,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing. # Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh. # This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF cat <<_ACEOF
'configure' configures sudo 1.9.17p1 to adapt to many kinds of systems. 'configure' configures sudo 1.9.17p2 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]... Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1717,7 +1717,7 @@ fi
if test -n "$ac_init_help"; then if test -n "$ac_init_help"; then
case $ac_init_help in case $ac_init_help in
short | recursive ) echo "Configuration of sudo 1.9.17p1:";; short | recursive ) echo "Configuration of sudo 1.9.17p2:";;
esac esac
cat <<\_ACEOF cat <<\_ACEOF
@ -2013,7 +2013,7 @@ fi
test -n "$ac_init_help" && exit $ac_status test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then if $ac_init_version; then
cat <<\_ACEOF cat <<\_ACEOF
sudo configure 1.9.17p1 sudo configure 1.9.17p2
generated by GNU Autoconf 2.72 generated by GNU Autoconf 2.72
Copyright (C) 2023 Free Software Foundation, Inc. Copyright (C) 2023 Free Software Foundation, Inc.
@ -2833,7 +2833,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake. running configure, to aid debugging if configure makes a mistake.
It was created by sudo $as_me 1.9.17p1, which was It was created by sudo $as_me 1.9.17p2, which was
generated by GNU Autoconf 2.72. Invocation command line was generated by GNU Autoconf 2.72. Invocation command line was
$ $0$ac_configure_args_raw $ $0$ac_configure_args_raw
@ -17786,7 +17786,7 @@ else case e in #(
echo ".Nd sudo" >> conftest echo ".Nd sudo" >> conftest
echo ".Sh DESCRIPTION" >> conftest echo ".Sh DESCRIPTION" >> conftest
echo "sudo" >> conftest echo "sudo" >> conftest
if $ac_cv_path_NROFF -mdoc conftest >/dev/null 2>&1; then if $ac_cv_path_NROFFPROG -mdoc conftest >/dev/null 2>&1; then
sudo_cv_var_mantype="mdoc" sudo_cv_var_mantype="mdoc"
fi fi
rm -f conftest rm -f conftest
@ -37071,7 +37071,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their # report actual input values of CONFIG_FILES etc. instead of their
# values after options handling. # values after options handling.
ac_log=" ac_log="
This file was extended by sudo $as_me 1.9.17p1, which was This file was extended by sudo $as_me 1.9.17p2, which was
generated by GNU Autoconf 2.72. Invocation command line was generated by GNU Autoconf 2.72. Invocation command line was
CONFIG_FILES = $CONFIG_FILES CONFIG_FILES = $CONFIG_FILES
@ -37139,7 +37139,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config='$ac_cs_config_escaped' ac_cs_config='$ac_cs_config_escaped'
ac_cs_version="\\ ac_cs_version="\\
sudo config.status 1.9.17p1 sudo config.status 1.9.17p2
configured by $0, generated by GNU Autoconf 2.72, configured by $0, generated by GNU Autoconf 2.72,
with options \\"\$ac_cs_config\\" with options \\"\$ac_cs_config\\"

4
configure.ac
View File

@ -18,7 +18,7 @@ dnl ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
dnl OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. dnl OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
dnl dnl
AC_PREREQ([2.69]) AC_PREREQ([2.69])
AC_INIT([sudo], [1.9.17p1], [https://bugzilla.sudo.ws/], [sudo]) AC_INIT([sudo], [1.9.17p2], [https://bugzilla.sudo.ws/], [sudo])
AC_CONFIG_HEADERS([config.h pathnames.h]) AC_CONFIG_HEADERS([config.h pathnames.h])
AC_CONFIG_SRCDIR([src/sudo.c]) AC_CONFIG_SRCDIR([src/sudo.c])
AC_CONFIG_AUX_DIR([scripts]) AC_CONFIG_AUX_DIR([scripts])
@ -1753,7 +1753,7 @@ AC_CACHE_CHECK([which macro set to use for manual pages],
echo ".Nd sudo" >> conftest echo ".Nd sudo" >> conftest
echo ".Sh DESCRIPTION" >> conftest echo ".Sh DESCRIPTION" >> conftest
echo "sudo" >> conftest echo "sudo" >> conftest
if $ac_cv_path_NROFF -mdoc conftest >/dev/null 2>&1; then if $ac_cv_path_NROFFPROG -mdoc conftest >/dev/null 2>&1; then
sudo_cv_var_mantype="mdoc" sudo_cv_var_mantype="mdoc"
fi fi
rm -f conftest rm -f conftest

9
etc/sudo-logsrvd.pp
View File

@ -128,15 +128,20 @@ This makes it possible to have all sudo I/O logs on a central server."
%endif %endif
%if [rpm] %if [rpm]
# Used to set rpm_arch to x86_64_v2 on Alma Linux
if test -n "$pp_rpm_arch_override"; then
pp_rpm_arch="$pp_rpm_arch_override"
fi
# Add distro info to release # Add distro info to release
osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*\([0-9]\{1,2\}\).*/\1/'` osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*\([0-9]\{1,3\}\).*/\1/'`
case "$pp_rpm_distro" in case "$pp_rpm_distro" in
centos*|rhel*|f[0-9]*) centos*|rhel*|f[0-9]*)
# CentOS Stream has a single-digit version # CentOS Stream has a single-digit version
if test $osrelease -lt 10; then if test $osrelease -lt 10; then
osrelease="${osrelease}0" osrelease="${osrelease}0"
fi fi
pp_rpm_release="$pp_rpm_release.el${osrelease%%[0-9]}" pp_rpm_release="$pp_rpm_release.el${osrelease%[0-9]}"
;; ;;
sles*) sles*)
pp_rpm_release="$pp_rpm_release.sles$osrelease" pp_rpm_release="$pp_rpm_release.sles$osrelease"

9
etc/sudo-python.pp
View File

@ -84,15 +84,20 @@
%endif %endif
%if [rpm] %if [rpm]
# Used to set rpm_arch to x86_64_v2 on Alma Linux
if test -n "$pp_rpm_arch_override"; then
pp_rpm_arch="$pp_rpm_arch_override"
fi
# Add distro info to release # Add distro info to release
osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*\([0-9]\{1,2\}\).*/\1/'` osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*\([0-9]\{1,3\}\).*/\1/'`
case "$pp_rpm_distro" in case "$pp_rpm_distro" in
centos*|rhel*|f[0-9]*) centos*|rhel*|f[0-9]*)
# CentOS Stream has a single-digit version # CentOS Stream has a single-digit version
if test $osrelease -lt 10; then if test $osrelease -lt 10; then
osrelease="${osrelease}0" osrelease="${osrelease}0"
fi fi
pp_rpm_release="$pp_rpm_release.el${osrelease%%[0-9]}" pp_rpm_release="$pp_rpm_release.el${osrelease%[0-9]}"
;; ;;
sles*) sles*)
pp_rpm_release="$pp_rpm_release.sles$osrelease" pp_rpm_release="$pp_rpm_release.sles$osrelease"

9
etc/sudo.pp
View File

@ -149,15 +149,20 @@ still allow people to get their work done."
%endif %endif
%if [rpm] %if [rpm]
# Used to set rpm_arch to x86_64_v2 on Alma Linux
if test -n "$pp_rpm_arch_override"; then
pp_rpm_arch="$pp_rpm_arch_override"
fi
# Add distro info to release # Add distro info to release
osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*\([0-9]\{1,2\}\).*/\1/'` osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*\([0-9]\{1,3\}\).*/\1/'`
case "$pp_rpm_distro" in case "$pp_rpm_distro" in
centos*|rhel*|f[0-9]*) centos*|rhel*|f[0-9]*)
# CentOS Stream has a single-digit version # CentOS Stream has a single-digit version
if test $osrelease -lt 10; then if test $osrelease -lt 10; then
osrelease="${osrelease}0" osrelease="${osrelease}0"
fi fi
pp_rpm_release="$pp_rpm_release.el${osrelease%%[0-9]}" pp_rpm_release="$pp_rpm_release.el${osrelease%[0-9]}"
;; ;;
sles*) sles*)
pp_rpm_release="$pp_rpm_release.sles$osrelease" pp_rpm_release="$pp_rpm_release.sles$osrelease"

2
plugins/sudoers/log_client.c
View File

@ -1933,7 +1933,7 @@ client_msg_cb(int fd, int what, void *v)
{ {
const ssize_t n = write(fd, buf->data + buf->off, buf->len - buf->off); const ssize_t n = write(fd, buf->data + buf->off, buf->len - buf->off);
if (n < 0) { if (n < 0) {
sudo_warn("send"); sudo_warn("write");
goto bad; goto bad;
} }
nwritten = (size_t)n; nwritten = (size_t)n;

6
plugins/sudoers/match_command.c
View File

@ -272,7 +272,8 @@ command_matches_dir(struct sudoers_context *ctx, const char *sudoers_dir,
len = snprintf(sdbuf, sizeof(sdbuf), "%s%s", runchroot, sudoers_dir); len = snprintf(sdbuf, sizeof(sdbuf), "%s%s", runchroot, sudoers_dir);
if (len >= ssizeof(sdbuf)) { if (len >= ssizeof(sdbuf)) {
errno = ENAMETOOLONG; errno = ENAMETOOLONG;
debug_return_bool(false); sudo_warn("%s%s", runchroot, sudoers_dir);
goto done;
} }
sudoers_dir = sdbuf; sudoers_dir = sdbuf;
chrootlen = strlen(runchroot); chrootlen = strlen(runchroot);
@ -536,7 +537,8 @@ command_matches_glob(struct sudoers_context *ctx, const char *sudoers_cmnd,
snprintf(pathbuf, sizeof(pathbuf), "%s%s", runchroot, sudoers_cmnd); snprintf(pathbuf, sizeof(pathbuf), "%s%s", runchroot, sudoers_cmnd);
if (len >= ssizeof(pathbuf)) { if (len >= ssizeof(pathbuf)) {
errno = ENAMETOOLONG; errno = ENAMETOOLONG;
debug_return_bool(false); sudo_warn("%s%s", runchroot, sudoers_cmnd);
debug_return_int(DENY);
} }
sudoers_cmnd = pathbuf; sudoers_cmnd = pathbuf;
chrootlen = strlen(runchroot); chrootlen = strlen(runchroot);

3
plugins/sudoers/match_digest.c
View File

@ -73,7 +73,8 @@ digest_matches(int fd, const char *path, const char *runchroot,
snprintf(pathbuf, sizeof(pathbuf), "%s%s", runchroot, path); snprintf(pathbuf, sizeof(pathbuf), "%s%s", runchroot, path);
if (len >= ssizeof(pathbuf)) { if (len >= ssizeof(pathbuf)) {
errno = ENAMETOOLONG; errno = ENAMETOOLONG;
debug_return_bool(false); sudo_warn("%s%s", runchroot, path);
goto done;
} }
path = pathbuf; path = pathbuf;
} }

7
plugins/sudoers/timestamp.c
View File

@ -358,12 +358,17 @@ ts_write(const struct sudoers_context *ctx, int fd, const char *fname,
/* Truncate on partial write to be safe (assumes end of file). */ /* Truncate on partial write to be safe (assumes end of file). */
if (nwritten > 0) { if (nwritten > 0) {
sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"short write, truncating partial time stamp record"); "short write, truncating partial time stamp record");
if (ftruncate(fd, old_eof) != 0) { if (ftruncate(fd, old_eof) != 0) {
sudo_warn(U_("unable to truncate time stamp file to %lld bytes"), sudo_warn(U_("unable to truncate time stamp file to %lld bytes"),
(long long)old_eof); (long long)old_eof);
} }
if (lseek(fd, old_eof, SEEK_SET) == -1) {
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
"unable to seek to %lld", (long long)old_eof);
}
} }
debug_return_ssize_t(-1); debug_return_ssize_t(-1);
} }

2
plugins/sudoers/visudo.c
View File

@ -499,7 +499,7 @@ edit_sudoers(struct sudoersfile *sp, char *editor, int editor_argc,
if (sp->tpath == NULL) { if (sp->tpath == NULL) {
if (asprintf(&sp->tpath, "%s.tmp", sp->dpath) == -1) if (asprintf(&sp->tpath, "%s.tmp", sp->dpath) == -1)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
tfd = open(sp->tpath, O_WRONLY|O_CREAT|O_TRUNC, S_IRWXU|S_IRUSR); tfd = open(sp->tpath, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
if (tfd < 0) if (tfd < 0)
sudo_fatal("%s", sp->tpath); sudo_fatal("%s", sp->tpath);

22
scripts/mkpkg
View File

@ -17,8 +17,8 @@
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# #
# Build a binary package using polypkg # Build a binary package using polypkg
# Usage: mkpkg [--build-only] [--configure-only] [--debug] [--flavor flavor] # Usage: mkpkg [--arch arch] [--build-only] [--configure-only] [--debug]
# [--platform platform] [--osversion ver] # [--flavor flavor] [--osversion ver] [--platform platform]
# #
# Make sure IFS is set to space, tab, newline in that order. # Make sure IFS is set to space, tab, newline in that order.
@ -29,7 +29,7 @@ nl='
IFS=" $nl" IFS=" $nl"
# Parse arguments # Parse arguments
usage="usage: mkpkg [--build-only] [--configure-only] [--debug] [--flavor flavor] [--platform platform] [--osversion ver]" usage="usage: mkpkg [--arch arch] [--build-only] [--configure-only] [--debug] [--flavor flavor] [--osversion ver] [--platform platform]"
debug=0 debug=0
flavor=vanilla flavor=vanilla
crossbuild=false crossbuild=false
@ -37,6 +37,18 @@ build_packages=true;
build_sudo=true; build_sudo=true;
while test $# -gt 0; do while test $# -gt 0; do
case "$1" in case "$1" in
--arch=?*)
arch=`echo "$1" | sed -n 's/^--arch=\(.*\)/\1/p'`
;;
--arch)
arch=`echo "$1" | sed -n 's/^--arch=\(.*\)/\1/p'`
if [ $# -lt 2 ]; then
echo "$usage" 1>&2
exit 1
fi
arch="$2"
shift
;;
--debug) --debug)
set -x set -x
debug=1 debug=1
@ -208,6 +220,10 @@ case "$osversion" in
;; ;;
esac esac
if [ -n "$arch" ]; then
# Override the default rpm arch for, e.g. x86_64_v2
PPVARS="${PPVARS}${PPVARS+$space}pp_rpm_arch_override=$arch"
fi
if [ X"$with_selinux" = X"true" ]; then if [ X"$with_selinux" = X"true" ]; then
configure_opts="${configure_opts}${configure_opts+$tab}--with-selinux" configure_opts="${configure_opts}${configure_opts+$tab}--with-selinux"
fi fi

2
scripts/pp
View File

@ -5581,7 +5581,7 @@ pp_rpm_detect_distro () {
-e 's/^Red Hat Enterprise Linux.*release \([0-9][0-9\.]*\).*/rhel\1/p' \ -e 's/^Red Hat Enterprise Linux.*release \([0-9][0-9\.]*\).*/rhel\1/p' \
-e 's/^Rocky Linux.*release \([0-9][0-9\.]*\).*/rhel\1/p' \ -e 's/^Rocky Linux.*release \([0-9][0-9\.]*\).*/rhel\1/p' \
-e 's/^AlmaLinux.*release \([0-9][0-9\.]*\).*/rhel\1/p' \ -e 's/^AlmaLinux.*release \([0-9][0-9\.]*\).*/rhel\1/p' \
-e 's/^CentOS.*release \([0-9][0-9\.]*\).*/centos\1/p' \ -e 's/^CentOS.*release \([0-9]\{1,\}\)\(\.[0-9]*\)\{0,1\}.*/centos\1\2/p' \
/etc/redhat-release` /etc/redhat-release`
elif test -f /etc/SuSE-release; then elif test -f /etc/SuSE-release; then
pp_rpm_distro=`awk ' pp_rpm_distro=`awk '

13
src/exec_ptrace.c
View File

@ -387,8 +387,7 @@ ptrace_readv_string(pid_t pid, unsigned long addr, char *buf, size_t bufsize)
(unsigned long)remote.iov_base, remote.iov_len); (unsigned long)remote.iov_base, remote.iov_len);
debug_return_ssize_t(-1); debug_return_ssize_t(-1);
case 0: case 0:
sudo_debug_printf( sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"process_vm_readv(%d, [0x%lx, %zu], 1, [0x%lx, %zu], 1, 0): %s", "process_vm_readv(%d, [0x%lx, %zu], 1, [0x%lx, %zu], 1, 0): %s",
(int)pid, (unsigned long)local.iov_base, local.iov_len, (int)pid, (unsigned long)local.iov_base, local.iov_len,
(unsigned long)remote.iov_base, remote.iov_len, "premature EOF"); (unsigned long)remote.iov_base, remote.iov_len, "premature EOF");
@ -398,9 +397,17 @@ ptrace_readv_string(pid_t pid, unsigned long addr, char *buf, size_t bufsize)
cp = memchr(buf, '\0', (size_t)nread); cp = memchr(buf, '\0', (size_t)nread);
if (cp != NULL) if (cp != NULL)
debug_return_ssize_t((cp - buf0) + 1); /* includes NUL */ debug_return_ssize_t((cp - buf0) + 1); /* includes NUL */
/* No NUL terminator, we should have a full page. */
if ((size_t)nread != page_size) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"process_vm_readv(%d, [0x%lx, %zu], 1, [0x%lx, %zu], 1, 0)"
" -> %zd",
(int)pid, (unsigned long)local.iov_base, local.iov_len,
(unsigned long)remote.iov_base, remote.iov_len, nread);
}
buf += nread; buf += nread;
bufsize -= (size_t)nread; bufsize -= (size_t)nread;
addr += sizeof(unsigned long); addr += (size_t)nread;
break; break;
} }
} }

8
src/exec_pty.c
View File

@ -358,9 +358,11 @@ revoke_pty(struct exec_closure *ec)
pgrp = tcpgrp; pgrp = tcpgrp;
close(io_fds[SFD_LEADER]); close(io_fds[SFD_LEADER]);
} }
sudo_debug_printf(SUDO_DEBUG_NOTICE, "%s: killpg(%d, SIGHUP)", if (pgrp != -1) {
__func__, (int)pgrp); sudo_debug_printf(SUDO_DEBUG_NOTICE, "%s: killpg(%d, SIGHUP)",
kill(pgrp, SIGHUP); __func__, (int)pgrp);
killpg(pgrp, SIGHUP);
}
} }
/* /*