File sudo-dont-enable-read-after-pty_finish.patch of Package sudo.39467
From 19a660612f02d24b3cede13f99643cc40ba2a0b3 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Wed, 1 Mar 2023 13:25:17 -0700
Subject: [PATCH] write_callback: only enable /dev/tty reader if the command is
 running This fixes a hang when there is /dev/tty data in a buffer to be
 flushed by the final call to del_io_events().  We do not want to re-enable
 the reader when flushing the buffers as part of pty_finish(). See PR #247 for
 analysis of the problem and how to reproduce it.
---
 src/exec_pty.c   | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/src/exec_pty.c b/src/exec_pty.c
index cfe4929..d2baa6a 100644
--- a/src/exec_pty.c
+++ b/src/exec_pty.c
@@ -801,11 +801,14 @@ write_callback(int fd, int what, void *v)
 	    if (sudo_ev_add(evbase, iob->wevent, NULL, false) == -1)
 		sudo_fatal("%s", U_("unable to add event to queue"));
 	}
-	/* Enable reader if buffer is not full. */
-	if (iob->revent != NULL &&
-	    (ttymode == TERM_RAW || !USERTTY_EVENT(iob->revent))) {
-	    if (iob->len != sizeof(iob->buf)) {
-		if (sudo_ev_add(evbase, iob->revent, NULL, false) == -1)
+	/*
+	 * Enable reader if buffer is not full but avoid reading /dev/tty
+	 * if not in raw mode or the command is no longer running.
+	 */
+	if (iob->revent != NULL && iob->len != sizeof(iob->buf)) {
+	  if (!USERTTY_EVENT(iob->revent) ||
+	      (ttymode == TERM_RAW && iob->ec->cmnd_pid != -1)) {
+		if (sudo_ev_add(evbase, iob->revent, NULL, false) == -1)
 		    sudo_fatal("%s", U_("unable to add event to queue"));
 	    }
 	}