File sudo-1.6.9p17-CVE-2010-0427.diff of Package sudo
Index: set_perms.c
===================================================================
--- set_perms.c.orig
+++ set_perms.c
@@ -376,11 +376,12 @@ set_perms(perm)
#endif /* HAVE_SETRESUID */
#ifdef HAVE_INITGROUPS
+static int runas_ngroups = -1;
+static GETGROUPS_T *runas_groups;
+
static void
runas_setgroups()
{
- static int ngroups = -1;
- static GETGROUPS_T *groups;
struct passwd *pw;
if (def_preserve_groups)
@@ -389,21 +390,28 @@ runas_setgroups()
/*
* Use stashed copy of runas groups if available, else initgroups and stash.
*/
- if (ngroups == -1) {
+ if (runas_ngroups == -1) {
pw = runas_pw ? runas_pw : sudo_user.pw;
if (initgroups(pw->pw_name, pw->pw_gid) < 0)
log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
- if ((ngroups = getgroups(0, NULL)) < 0)
+ if ((runas_ngroups = getgroups(0, NULL)) < 0)
log_error(USE_ERRNO|MSG_ONLY, "can't get runas ngroups");
- groups = emalloc2(ngroups, sizeof(GETGROUPS_T));
- if (getgroups(ngroups, groups) < 0)
+ runas_groups = emalloc2(runas_ngroups, sizeof(GETGROUPS_T));
+ if (getgroups(runas_ngroups, runas_groups) < 0)
log_error(USE_ERRNO|MSG_ONLY, "can't get runas group vector");
} else {
- if (setgroups(ngroups, groups) < 0)
+ if (setgroups(runas_ngroups, runas_groups) < 0)
log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
}
}
+void
+runas_resetgroups()
+{
+ runas_ngroups = -1;
+ efree(runas_groups);
+}
+
static void
restore_groups()
{
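Review bot: `runas_resetgroups()` leaves `runas_groups` pointing at freed memory after `efree(runas_groups)`. Resetting `runas_ngroups` to -1 makes the next `runas_setgroups()` reallocate, but `set_runaspw()` calls the reset on every invocation. If two resets happen with no `runas_setgroups()` in between, the second `efree()` would free the same pointer again. Adding `runas_groups = NULL;` right after the `efree()` closes that window; this assumes `efree()` accepts NULL, which is not visible in this patch. A one-line comment above the function, such as `/* Invalidate the cached runas group vector; call whenever runas_pw changes. */`, would record why it exists.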
Index: sudo.c
===================================================================
--- sudo.c.orig
+++ sudo.c
@@ -131,6 +131,7 @@ extern char **insert_env_vars __P((char
extern struct passwd *sudo_getpwnam __P((const char *));
extern struct passwd *sudo_getpwuid __P((uid_t));
extern struct passwd *sudo_pwdup __P((const struct passwd *));
+extern void runas_resetgroups __P((void));
/*
* Globals
@@ -1244,6 +1245,7 @@ set_runaspw(user)
if (runas_pw == NULL)
log_error(NO_MAIL|MSG_ONLY, "no passwd entry for %s!", user);
}
+ runas_resetgroups();
return(TRUE);
}
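Review bot: The `runas_resetgroups();` call added to `set_runaspw()` is unconditional, but the definition in set_perms.c sits below `#ifdef HAVE_INITGROUPS` and no stub for the other branch is visible in the patch. A build without `initgroups()` would therefore presumably fail to link. Either add an empty `runas_resetgroups()` next to the non-initgroups stubs in set_perms.c, or wrap the call in `#ifdef HAVE_INITGROUPS` / `#endif`. The call is the security-relevant part of the fix, since it appears to stop a group vector cached for an earlier runas user from being reused, so it deserves a comment such as `/* runas user may have changed: drop the cached group vector */`. The body of `set_runaspw()` starts outside this hunk, so the early-return paths could not be checked.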