First Last Prev Next    This bug is not in your last search results.
Bug 342 - segmentation fault when /etc/sudoers has wrong perms (among others)
segmentation fault when /etc/sudoers has wrong perms (among others)
Status: RESOLVED FIXED
Product: Sudo
Classification: Unclassified
Component: Sudo
1.7.0
PC Linux
: normal normal
Assigned To: Todd C. Miller
: 374 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-03-07 12:17 MST by Stefan Huber
Modified: 2009-11-17 10:15 MST (History)
1 user (show)

See Also:

Attachments
Simple patch: remove the NO_EXIT flags. (1.33 KB, patch)
2009-03-07 12:28 MST, Stefan Huber 		Details | Diff
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Huber 2009-03-07 12:17:18 MST 
When /etc/sudoers has wrong permissions then a 'sudo bla' answers
  sudo: /etc/sudoers is mode 0442, should be 0440
  Segmentation fault


The bug is at sudo.c:1089, where fileno is called with fp, even though fp is NULL. This is not only the case for wrong perms for /etc/sudoers but rather for any other error related to /etc/sudoers.

Checked if the bug is also present in latetest webCVS version, and it is.
Comment 1 Stefan Huber 2009-03-07 12:28:12 MST 
Created attachment 249 [details]
Simple patch: remove the NO_EXIT flags.
Comment 2 Todd C. Miller 2009-03-07 16:57:43 MST 
This has been fixed for some time in cvs:

revision 1.501
date: 2009/01/09 00:13:37;  author: millert;  state: Exp;  lines: +9 -7
Do not try to set the close on exec flag if we didn't actually open sudoers.
Comment 3 Stefan Huber 2009-03-07 17:15:40 MST 
Ah, right, the bug is fixed already. I was reading too inaccurately.
Comment 4 Todd C. Miller 2009-03-12 10:08:43 MDT 
Fixed in sudo 1.7.1.  A beta version of sudo 1.7.1 may be downloaded from http://www.sudo.ws/devel.html
Comment 5 Todd C. Miller 2009-11-17 10:15:28 MST 
*** Bug 374 has been marked as a duplicate of this bug. ***
First Last Prev Next    This bug is not in your last search results.