Bug 948

Summary: segmentation fault when unknown username is given
Product: Sudo Reporter: Sjon <sjon>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: normal    
Priority: low    
Version: 1.9.4   
Hardware: PC   
OS: Linux   

Description Sjon 2020-12-04 02:24:26 MST
this is kind of a weird bug and it might be caused by an external program, I could use some help determining the cause. When I run:

$ sudo -u xxx ls / (where xxx is a non-existing username)

I get a segmentation fault:

 sudo[31444]: segfault at 0 ip 00007f7bcc05b1ce sp 00007ffd40c1a240 error 4 in sudoers.so[7f7bcc048000+5a000]

However, while attempting to debug this I noticed it works fine. When running with strace or gdb, sudo does not segfault, instead it (properly) outputs:

sudo: effective uid is not 0, is /bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?

I don't think my config has anything special, this is on archlinux with:

sudo.conf:
Plugin sudoers_policy sudoers.so
Plugin sudoers_io sudoers.so
Plugin sudoers_audit sudoers.so

and sudoers:
root	ALL=(ALL) ALL
user	ALL=(ALL) NOPASSWD: ALL

If you need any other information I'll be happy to help
Comment 1 Sjon 2020-12-04 02:25:30 MST
I tested with non-existing numeric ids and it outputs a slightly different error:

$ sudo -u \#9999 ls /

sudo: unknown user: #9999
Comment 2 Todd C. Miller 2020-12-04 06:58:15 MST
Thanks for the report, fixed by: https://www.sudo.ws/repos/sudo/rev/8b24c140ec7c
Comment 3 Todd C. Miller 2020-12-17 15:00:42 MST
Fixed in sudo 1.9.4p1