Bug 629 - SUDO_UID truncates UIDs >= 1 billion on Mac OS X
Status: RESOLVED DUPLICATE of bug 562
Product: Sudo
Classification: Unclassified
Component: Sudo
Version: 1.7.4
Hardware: PC Other
Importance: low normal
Assigned To: Todd C. Miller
Reported: 2013-12-16 14:56 MST by Ben Gertzfield
Modified: 2013-12-16 15:49 MST (History)
Description Ben Gertzfield 2013-12-16 14:56:48 MST
Running sudo 1.7.4p6 on Mac OS X 10.7.5, the SUDO_UID environment variable truncates the last digit of any user's UID which is larger than or equal to 1 billion (1_000_000_000).

I downloaded the sudo 1.8.8 source and confirmed plugins/sudoers/env.c copies the UID to a fixed-size buffer.

The autoconf default size of this buffer is 10 bytes (9 bytes of string plus 1 byte for NUL), so UIDs larger than 1_000_000_000 like the following are truncated.

I think this should change to use a dynamically-sized buffer to fit UIDs of any length.

$ sudo -V
Sudo version 1.7.4p6

$ id
uid=1230086403(username) gid=[snip] groups=[snip]

$ sudo sh -c 'echo $SUDO_UID'
Password:
123008640
Comment 1 Todd C. Miller 2013-12-16 15:08:02 MST
The MAX_UID_T_LEN define does not include space for the NUL byte. The uid_t type on Mac OS X is defined in terms of uint32_t so its max value is 4294967295 in decimal.

*** This bug has been marked as a duplicate of bug 562 ***
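The off-by-one described in Comment 1, reproduced as an added C example (not sudo's code): a buffer of `MAX_UID_T_LEN` bytes drops the last digit of a 10-digit UID, while `MAX_UID_T_LEN + 1` holds it. `format_uid` and `max_decimal_digits` are hypothetical helpers, and the value 10 for `MAX_UID_T_LEN` is an assumption based on the buffer size reported in the description.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed value: 10 decimal digits, enough for UINT32_MAX (4294967295)
 * but with no room for the terminating NUL byte. */
#define MAX_UID_T_LEN 10

/* Hypothetical helper: number of decimal digits needed for the largest
 * value of an unsigned type that is nbytes wide. */
static size_t max_decimal_digits(size_t nbytes)
{
    uintmax_t max = (nbytes >= sizeof(uintmax_t))
        ? UINTMAX_MAX
        : (((uintmax_t)1 << (nbytes * 8)) - 1);
    size_t digits = 1;
    while (max >= 10) {
        max /= 10;
        digits++;
    }
    return digits;
}

/* Hypothetical helper: format uid into buf. Returns 0 on success and -1
 * when snprintf() had to truncate, so the caller can refuse to export a
 * shortened (and therefore wrong) UID. */
static int format_uid(uint32_t uid, char *buf, size_t bufsz)
{
    int len = snprintf(buf, bufsz, "%" PRIu32, uid);
    return (len < 0 || (size_t)len >= bufsz) ? -1 : 0;
}

int main(void)
{
    uint32_t uid = 1230086403u;             /* UID from the report */
    char short_buf[MAX_UID_T_LEN];          /* digits only, no NUL */
    char fixed_buf[MAX_UID_T_LEN + 1];      /* digits plus NUL */

    int rc_short = format_uid(uid, short_buf, sizeof(short_buf));
    int rc_fixed = format_uid(uid, fixed_buf, sizeof(fixed_buf));

    printf("short: rc=%d SUDO_UID=%s\n", rc_short, short_buf);
    printf("fixed: rc=%d SUDO_UID=%s\n", rc_fixed, fixed_buf);
    printf("digits for 32-bit uid_t: %zu\n", max_decimal_digits(4));
    return 0;
}
```

Checking the `snprintf()` return value against the buffer size is what turns a silent truncation into a detectable error.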
Comment 2 Todd C. Miller 2013-12-16 15:10:48 MST
The fix was also present in sudo 1.7.10.
Comment 3 Ben Gertzfield 2013-12-16 15:49:03 MST
Thanks for the quick reply! (BTW, I searched Bugzilla for SUDO_UID but didn't find it, or I wouldn't have filed the dupe).