Overview

File sudo-1.8.6p3-CVE-2013-1775.patch of Package sudo.openSUSE_12.1_Update

63210a2b8f2f199b521f6c8213bb29775c09375c
 plugins/sudoers/check.c |   53 +++++++++++++++++++++++++----------------------
 1 file changed, 28 insertions(+), 25 deletions(-)

Index: sudo-1.8.2/plugins/sudoers/check.c
===================================================================
--- sudo-1.8.2.orig/plugins/sudoers/check.c	2011-07-28 16:59:58.000000000 +0200
+++ sudo-1.8.2/plugins/sudoers/check.c	2013-03-01 13:26:07.392242292 +0100
@@ -589,31 +589,34 @@ timestamp_status(char *timestampdir, cha
      */
     if (status == TS_OLD && !ISSET(flags, TS_REMOVE)) {
 	mtim_get(&sb, &mtime);
-	/* Negative timeouts only expire manually (sudo -k). */
-	if (def_timestamp_timeout < 0 && mtime.tv_sec != 0)
-	    status = TS_CURRENT;
-	else {
-	    now = time(NULL);
-	    if (def_timestamp_timeout &&
-		now - mtime.tv_sec < 60 * def_timestamp_timeout) {
-		/*
-		 * Check for bogus time on the stampfile.  The clock may
-		 * have been set back or someone could be trying to spoof us.
-		 */
-		if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) {
-		    time_t tv_sec = (time_t)mtime.tv_sec;
-		    log_error(NO_EXIT,
-			_("timestamp too far in the future: %20.20s"),
-			4 + ctime(&tv_sec));
-		    if (timestampfile)
-			(void) unlink(timestampfile);
-		    else
-			(void) rmdir(timestampdir);
-		    status = TS_MISSING;
-		} else if (get_boottime(&boottime) && timevalcmp(&mtime, &boottime, <)) {
-		    status = TS_OLD;
-		} else {
-		    status = TS_CURRENT;
+	if (timevalisset(&mtime)) {
+	    /* Negative timeouts only expire manually (sudo -k). */
+	    if (def_timestamp_timeout < 0) {
+		status = TS_CURRENT;
+	    } else {
+		now = time(NULL);
+		if (def_timestamp_timeout &&
+		    now - mtime.tv_sec < 60 * def_timestamp_timeout) {
+		    /*
+		     * Check for bogus time on the stampfile.  The clock may
+		     * have been set back or user could be trying to spoof us.
+		     */
+		    if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) {
+			time_t tv_sec = (time_t)mtime.tv_sec;
+			log_error(0,
+			    _("timestamp too far in the future: %20.20s"),
+			    4 + ctime(&tv_sec));
+			if (timestampfile)
+			    (void) unlink(timestampfile);
+			else
+			    (void) rmdir(timestampdir);
+			status = TS_MISSING;
+		    } else if (get_boottime(&boottime) &&
+			timevalcmp(&mtime, &boottime, <)) {
+			status = TS_OLD;
+		    } else {
+			status = TS_CURRENT;
+		    }
 		}
 	    }
 	}
openSUSE Build Service is sponsored by
Places