client_msg_cb: make warning match the function that failed

NEWS

@@ -1,3 +1,22 @@
+What's new in Sudo 1.9.17p2
+
+ * Fixed a bug introduced in sudo 1.9.16 that could result in sudo
+   sending SIGHUP to all processes on the system in certain rare
+   cases.  The bug could manifest if sudo is running a command in
+   a pseudo-terminal, sudo terminates the command due to an internal
+   error, and the user's terminal is revoked.  GitHub issue #458.
+
+ * Fixed a bug introduced in sudo 1.9.12 that caused sudo to abort
+   when the "intercept" and "intercept_verify" options are enabled
+   in sudoers and either the command line arguments or the environment
+   contains a string larger than the page size (usually 4096).  This
+   only Linux affects systems that support the ptrace_readv_string()
+   function.  GitHub issue #453.
+
+ * Fixed a bug in sudo's configure script introduced in sudo 1.9.17
+   that prevented mdoc-format man pages from being used on systems
+   without the mandoc utility.  Bug #1077.
+
 What's new in Sudo 1.9.17p1
 
  * Fixed CVE-2025-32462.  Sudo's -h (--host) option could be specified

configure

@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.72 for sudo 1.9.17p1.
+# Generated by GNU Autoconf 2.72 for sudo 1.9.17p2.
 #
 # Report bugs to <https://bugzilla.sudo.ws/>.
 #
@@ -614,8 +614,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='sudo'
 PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.9.17p1'
+PACKAGE_VERSION='1.9.17p2'
-PACKAGE_STRING='sudo 1.9.17p1'
+PACKAGE_STRING='sudo 1.9.17p2'
 PACKAGE_BUGREPORT='https://bugzilla.sudo.ws/'
 PACKAGE_URL=''
 
@@ -1651,7 +1651,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-'configure' configures sudo 1.9.17p1 to adapt to many kinds of systems.
+'configure' configures sudo 1.9.17p2 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1717,7 +1717,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of sudo 1.9.17p1:";;
+     short | recursive ) echo "Configuration of sudo 1.9.17p2:";;
    esac
   cat <<\_ACEOF
 
@@ -2013,7 +2013,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-sudo configure 1.9.17p1
+sudo configure 1.9.17p2
 generated by GNU Autoconf 2.72
 
 Copyright (C) 2023 Free Software Foundation, Inc.
@@ -2833,7 +2833,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by sudo $as_me 1.9.17p1, which was
+It was created by sudo $as_me 1.9.17p2, which was
 generated by GNU Autoconf 2.72.  Invocation command line was
 
   $ $0$ac_configure_args_raw
@@ -37071,7 +37071,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by sudo $as_me 1.9.17p1, which was
+This file was extended by sudo $as_me 1.9.17p2, which was
 generated by GNU Autoconf 2.72.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -37139,7 +37139,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config='$ac_cs_config_escaped'
 ac_cs_version="\\
-sudo config.status 1.9.17p1
+sudo config.status 1.9.17p2
 configured by $0, generated by GNU Autoconf 2.72,
   with options \\"\$ac_cs_config\\"
 

configure.ac

@@ -18,7 +18,7 @@ dnl ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 dnl OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 dnl
 AC_PREREQ([2.69])
-AC_INIT([sudo], [1.9.17p1], [https://bugzilla.sudo.ws/], [sudo])
+AC_INIT([sudo], [1.9.17p2], [https://bugzilla.sudo.ws/], [sudo])
 AC_CONFIG_HEADERS([config.h pathnames.h])
 AC_CONFIG_SRCDIR([src/sudo.c])
 AC_CONFIG_AUX_DIR([scripts])

plugins/sudoers/log_client.c

@@ -1933,7 +1933,7 @@ client_msg_cb(int fd, int what, void *v)
     {
 	const ssize_t n = write(fd, buf->data + buf->off, buf->len - buf->off);
 	if (n < 0) {
-	    sudo_warn("send");
+	    sudo_warn("write");
 	    goto bad;
 	}
 	nwritten = (size_t)n;

plugins/sudoers/match_command.c

@@ -272,7 +272,8 @@ command_matches_dir(struct sudoers_context *ctx, const char *sudoers_dir,
 	len = snprintf(sdbuf, sizeof(sdbuf), "%s%s", runchroot, sudoers_dir);
 	if (len >= ssizeof(sdbuf)) {
 	    errno = ENAMETOOLONG;
-	    debug_return_bool(false);
+	    sudo_warn("%s%s", runchroot, sudoers_dir);
+	    goto done;
 	}
 	sudoers_dir = sdbuf;
 	chrootlen = strlen(runchroot);
@@ -536,7 +537,8 @@ command_matches_glob(struct sudoers_context *ctx, const char *sudoers_cmnd,
 	    snprintf(pathbuf, sizeof(pathbuf), "%s%s", runchroot, sudoers_cmnd);
 	if (len >= ssizeof(pathbuf)) {
 	    errno = ENAMETOOLONG;
-	    debug_return_bool(false);
+	    sudo_warn("%s%s", runchroot, sudoers_cmnd);
+	    debug_return_int(DENY);
 	}
 	sudoers_cmnd = pathbuf;
 	chrootlen = strlen(runchroot);

plugins/sudoers/match_digest.c

@@ -73,7 +73,8 @@ digest_matches(int fd, const char *path, const char *runchroot,
 	    snprintf(pathbuf, sizeof(pathbuf), "%s%s", runchroot, path);
 	if (len >= ssizeof(pathbuf)) {
 	    errno = ENAMETOOLONG;
-	    debug_return_bool(false);
+	    sudo_warn("%s%s", runchroot, path);
+	    goto done;
 	}
 	path = pathbuf;
     }