Gentoo Archives: gentoo-commits

From: "Alex Legler (a3li)" <a3li@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in app-admin/sudo/files: sudo-CVE-2010-2956.patch
Date: Tue, 07 Sep 2010 12:01:05
Message-Id: 20100907120059.4BAA620054@flycatcher.gentoo.org
1 a3li 10/09/07 12:00:59
2
3 Added: sudo-CVE-2010-2956.patch
4 Log:
5 Non-maintainer commit: Revision bump to fix CVE-2010-2956 (bug 335381). Removing vulnerable versions.
6 (Portage version: 2.2_rc67/cvs/Linux x86_64, RepoMan options: --force)
7
8 Revision Changes Path
9 1.1 app-admin/sudo/files/sudo-CVE-2010-2956.patch
10
11 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/sudo/files/sudo-CVE-2010-2956.patch?rev=1.1&view=markup
12 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/sudo/files/sudo-CVE-2010-2956.patch?rev=1.1&content-type=text/plain
13
14 Index: sudo-CVE-2010-2956.patch
15 ===================================================================
16 diff -r 24a695707b67 match.c
17 --- a/match.c Thu Aug 26 11:36:47 2010 -0400
18 +++ b/match.c Mon Aug 30 07:22:49 2010 -0400
19 @@ -170,15 +170,9 @@
20 {
21 struct member *m;
22 struct alias *a;
23 - int rval, matched = UNSPEC;
24 -
25 - if (runas_gr != NULL) {
26 - if (tq_empty(group_list))
27 - return(DENY); /* group was specified but none in sudoers */
28 - if (runas_pw != NULL && strcmp(runas_pw->pw_name, user_name) &&
29 - tq_empty(user_list))
30 - return(DENY); /* user was specified but none in sudoers */
31 - }
32 + int rval;
33 + int user_matched = UNSPEC;
34 + int group_matched = UNSPEC;
35
36 if (tq_empty(user_list) && tq_empty(group_list))
37 return(userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw));
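Review bot: With the early `runas_gr` block removed, the shortcut `if (tq_empty(user_list) && tq_empty(group_list))` on the context lines below it is reached even when a runas group was requested, and it returns the `def_runas_default` comparison without looking at `runas_gr`. The removed code returned `DENY` for a requested group with an empty `group_list`; from the visible lines that case is now decided on the user alone, unless a caller outside this hunk rejects it. If that is not intended, keep the group case out of the shortcut with `if (runas_gr == NULL && tq_empty(user_list) && tq_empty(group_list))`, which lets it fall through to the combined result at the end of the function; if it is intended, a comment on the shortcut should say so. The function header is outside the hunk.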
38 @@ -187,59 +181,67 @@
39 tq_foreach_rev(user_list, m) {
40 switch (m->type) {
41 case ALL:
42 - matched = !m->negated;
43 + user_matched = !m->negated;
44 break;
45 case NETGROUP:
46 if (netgr_matches(m->name, NULL, NULL, runas_pw->pw_name))
47 - matched = !m->negated;
48 + user_matched = !m->negated;
49 break;
50 case USERGROUP:
51 if (usergr_matches(m->name, runas_pw->pw_name, runas_pw))
52 - matched = !m->negated;
53 + user_matched = !m->negated;
54 break;
55 case ALIAS:
56 if ((a = alias_find(m->name, RUNASALIAS)) != NULL) {
57 rval = _runaslist_matches(&a->members, &empty);
58 if (rval != UNSPEC)
59 - matched = m->negated ? !rval : rval;
60 + user_matched = m->negated ? !rval : rval;
61 break;
62 }
63 /* FALLTHROUGH */
64 case WORD:
65 if (userpw_matches(m->name, runas_pw->pw_name, runas_pw))
66 - matched = !m->negated;
67 + user_matched = !m->negated;
68 break;
69 }
70 - if (matched != UNSPEC)
71 + if (user_matched != UNSPEC)
72 break;
73 }
74 }
75
76 if (runas_gr != NULL) {
77 + if (user_matched == UNSPEC) {
78 + if (runas_pw == NULL || strcmp(runas_pw->pw_name, user_name) == 0)
79 + user_matched = ALLOW; /* only changing group */
80 + }
81 tq_foreach_rev(group_list, m) {
82 switch (m->type) {
83 case ALL:
84 - matched = !m->negated;
85 + group_matched = !m->negated;
86 break;
87 case ALIAS:
88 if ((a = alias_find(m->name, RUNASALIAS)) != NULL) {
89 rval = _runaslist_matches(&a->members, &empty);
90 if (rval != UNSPEC)
91 - matched = m->negated ? !rval : rval;
92 + group_matched = m->negated ? !rval : rval;
93 break;
94 }
95 /* FALLTHROUGH */
96 case WORD:
97 if (group_matches(m->name, runas_gr))
98 - matched = !m->negated;
99 + group_matched = !m->negated;
100 break;
101 }
102 - if (matched != UNSPEC)
103 + if (group_matched != UNSPEC)
104 break;
105 }
106 }
107
108 - return(matched);
109 + if (user_matched == DENY || group_matched == DENY)
110 + return(DENY);
111 + if (user_matched == group_matched || runas_gr == NULL)
112 + return(user_matched);
113 + return(UNSPEC);
114 }
115
116 int
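Review bot: Both `ALIAS` cases still recurse with `_runaslist_matches(&a->members, &empty)`, so the nested result now passes through the new combined return at the end of this hunk. While `runas_gr` is set, a nested call with an empty group list leaves `group_matched` at `UNSPEC` and can return only `DENY` or `UNSPEC`, so a positive alias match cannot propagate back when a group is requested. In the group loop the alias members also go in as the first argument, which appears to be the user list (the function header is outside the hunk), so they would be compared against `runas_pw` rather than `runas_gr`. For non-negated entries this fails closed as far as the visible lines show, but it deserves a sudoers regression case and a comment at each call such as `/* nested call returns the combined user/group result */`.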