Bug 406

Summary: Fix for a wild pointer in alias_add()
Product: Sudo Reporter: David.Wood
Component: VisudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: normal    
Priority: low    
Version: 1.7.2   
Hardware: All   
OS: All   

Description David.Wood 2010-04-14 21:38:18 MDT 
Hello,

A buglette in alias.c results in:

1) Linux: NULL alias in error text

  % ./visudo -c -f /tmp/blah
  >>> /tmp/blah: Alias `' already defined near line 4 <<<
  parse error in /tmp/blah near line 4

2) Solaris: garbage in error text

  % ./visudo -c -f /tmp/blah
  >>> /tmp/blah: Alias `ÅC' already defined near line 10 <<<
  parse error in /u/shchupak/temp/sudo.erb near line 10

The fix is trivial:

  --- alias.c	2009/07/17 15:57:54	1.1.1.3
  +++ alias.c	2010/04/15 01:00:26	1.2
  @@ -125,8 +125,8 @@
       a->seqno = 0;
       list2tq(&a->members, members);
       if (rbinsert(aliases, a)) {
  -	alias_free(a);
 	  snprintf(errbuf, sizeof(errbuf), "Alias `%s' already defined", name);
  +	alias_free(a);
 	  return(errbuf);
       }
       return(NULL);

After the fix is applied:

  % ./visudo -c -f /tmp/blah
  >>> /tmp/blah: Alias `NAGIOSCMD' already defined near line 10 <<<
  parse error in /tmp/blah near line 10

Test case:

  % cat /tmp/blah
  Cmnd_Alias    NAGIOSCMD=/proj/netbackup/bin/convert-disklist blah
  Cmnd_Alias    NAGIOSCMD=/proj/netbackup/bin/convert-disklist,\
                /usr/sbin/svcadm,\
                /usr/sbin/svccfg,\
                /usr/bin/du,\
                /usr/bin/chown 5028\:0 /fs/scratch/pubsub,\
                /usr/bin/chown 0\:3 /fs/scratch/tmp,\
                /usr/bin/chown 0\:3 /tmp,\
                /usr/sbin/fmadm faulty,\
                /usr/sbin/fmdump -v

David
Comment 1 David.Wood 2010-04-14 21:38:57 MDT 
*** Bug 405 has been marked as a duplicate of this bug. ***
Comment 2 Todd C. Miller 2010-04-15 06:21:18 MDT 
Fix committed, thanks!