|
Bugzilla – Full Text Bug Listing |
| Summary: | Memory fault when rebuilding environment | ||
|---|---|---|---|
| Product: | Sudo | Reporter: | Kevin Pye <kevin.pye> |
| Component: | Sudo | Assignee: | Todd C. Miller <Todd.Miller> |
| Status: | RESOLVED FIXED | ||
| Severity: | high | ||
| Priority: | normal | ||
| Version: | 1.6.7 | ||
| Hardware: | HP | ||
| OS: | HP-UX | ||
That looks correct, thanks. I'll release sudo 1.6.7p5 in a few days. |
When run with a large number of environment variables, sudo will print "Memory fault" and exit. sudo was configured with "./configure --without-lecture" and compiled using the HP ANSII C compiler. Normal testing indicated that sudo was working correctly. However when running as the Big Brother user with the Big Brother environment loaded (as a Big Brother external script for example) sudo would fail with the "Memory fault" error above. Tests showed that this was the case for all users with the Big Brother environment variables set. Big Brother sets about 200 environment variables. Investigation showed that the bug is in the function insert_env in file env.c. Memory is allocated for the environment pointers in slabs of 128 entries. The first slab will be allocated when the first entry is stored. When the 129th entry is about to be allocated, the test "if (env_len + 1 > env_size)" will be true and another 128 entries will be allocated. This however does not allow for the null pointer stored after the last entry, so when the 128th entry is stored in the array, the null entry will be written outside the allocated memory. Changing if (env_len + 1 > env_size) { to if (env_len + 2 > env_size) { near the top of the function insert_env in env.c (line 251 in my copy of the source for version 1.6.7p4) solves the problem. Recompiling and installing the new version allows the Big Brother scripts to run correctly.