a3li 10/09/07 12:00:59 |
|
Added: sudo-CVE-2010-2956.patch |
Log: |
Non-maintainer commit: Revision bump to fix CVE-2010-2956 (bug 335381). Removing vulnerable versions. |
(Portage version: 2.2_rc67/cvs/Linux x86_64, RepoMan options: --force) |
|
Revision Changes Path |
1.1 app-admin/sudo/files/sudo-CVE-2010-2956.patch |
|
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/sudo/files/sudo-CVE-2010-2956.patch?rev=1.1&view=markup |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/sudo/files/sudo-CVE-2010-2956.patch?rev=1.1&content-type=text/plain |
|
Index: sudo-CVE-2010-2956.patch |
=================================================================== |
diff -r 24a695707b67 match.c |
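--- a/match.c Thu Aug 26 11:36:47 2010 -0400
+++ b/match.c Mon Aug 30 07:22:49 2010 -0400
@@ -170,15 +170,9 @@
 {
 struct member *m;
 struct alias *a;
- int rval, matched = UNSPEC;
-
- if (runas_gr != NULL) {
- if (tq_empty(group_list))
- return(DENY); /* group was specified but none in sudoers */
- if (runas_pw != NULL && strcmp(runas_pw->pw_name, user_name) &&
- tq_empty(user_list))
- return(DENY); /* user was specified but none in sudoers */
- }
+ int rval;
+ int user_matched = UNSPEC;
+ int group_matched = UNSPEC;
 
 if (tq_empty(user_list) && tq_empty(group_list))
 return(userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw));
@@ -187,59 +181,67 @@
 tq_foreach_rev(user_list, m) {
 switch (m->type) {
 case ALL:
- matched = !m->negated;
+ user_matched = !m->negated;
 break;
 case NETGROUP:
 if (netgr_matches(m->name, NULL, NULL, runas_pw->pw_name))
- matched = !m->negated;
+ user_matched = !m->negated;
 break;
 case USERGROUP:
 if (usergr_matches(m->name, runas_pw->pw_name, runas_pw))
- matched = !m->negated;
+ user_matched = !m->negated;
 break;
 case ALIAS:
 if ((a = alias_find(m->name, RUNASALIAS)) != NULL) {
 rval = _runaslist_matches(&a->members, &empty);
 if (rval != UNSPEC)
- matched = m->negated ? !rval : rval;
+ user_matched = m->negated ? !rval : rval;
 break;
 }
 /* FALLTHROUGH */
 case WORD:
 if (userpw_matches(m->name, runas_pw->pw_name, runas_pw))
- matched = !m->negated;
+ user_matched = !m->negated;
 break;
 }
- if (matched != UNSPEC)
+ if (user_matched != UNSPEC)
 break;
 }
 }
 
 if (runas_gr != NULL) {
+ if (user_matched == UNSPEC) {
+ if (runas_pw == NULL || strcmp(runas_pw->pw_name, user_name) == 0)
+ user_matched = ALLOW; /* only changing group */
+ }
 tq_foreach_rev(group_list, m) {
 switch (m->type) {
 case ALL:
- matched = !m->negated;
+ group_matched = !m->negated;
 break;
 case ALIAS:
 if ((a = alias_find(m->name, RUNASALIAS)) != NULL) {
 rval = _runaslist_matches(&a->members, &empty);
 if (rval != UNSPEC)
- matched = m->negated ? !rval : rval;
+ group_matched = m->negated ? !rval : rval;
 break;
 }
 /* FALLTHROUGH */
 case WORD:
 if (group_matches(m->name, runas_gr))
- matched = !m->negated;
+ group_matched = !m->negated;
 break;
 }
- if (matched != UNSPEC)
+ if (group_matched != UNSPEC)
 break;
 }
 }
 
- return(matched);
+ if (user_matched == DENY || group_matched == DENY)
+ return(DENY);
+ if (user_matched == group_matched || runas_gr == NULL)
+ return(user_matched);
+ return(UNSPEC);
 }
 
 int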
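Review bot: The early return kept at the end of the first hunk, `return(userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw));`, dereferences `runas_pw` without a NULL check, while the branch added in the second hunk tests `runas_pw == NULL`, so the function can apparently be entered with no run-as user set. The removed `if (runas_gr != NULL)` block used to return DENY for an empty `group_list` before that line was reached; with it gone, a request that sets only a run-as group against an entry with both lists empty would reach the dereference. I would guard it as `if (runas_pw != NULL && tq_empty(user_list) && tq_empty(group_list))`, which lets that case fall through to the group logic and end as UNSPEC. Separately, the ALIAS case of the `group_list` loop still calls `_runaslist_matches(&a->members, &empty)`, passing the alias members in what looks like the `user_list` position, so it is worth confirming they are meant to be matched as users rather than groups. The function signature and the two lines between the hunks are outside what is shown, so both points assume the parameter order is user list first and that the user loop is the only part guarded by a `runas_pw` check.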