summaryrefslogtreecommitdiffstats
path: root/debian/patches/Fix-the-memset-offset-when-converting-a-v1-timestamp.patch
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 02:23:57 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 02:23:57 +0000
commit55c1e35c59b51018319d65f62b054c7682d95dd0 (patch)
tree6c5833e0b794bf046bd392b0544ce960753f4fd9 /debian/patches/Fix-the-memset-offset-when-converting-a-v1-timestamp.patch
parentAdding upstream version 1.8.27. (diff)
downloadsudo-cf6d71f77c2b66575c6b874f8590c35b7f0fdca7.tar.xz
sudo-cf6d71f77c2b66575c6b874f8590c35b7f0fdca7.zip
Adding debian version 1.8.27-1+deb10u3.debian/1.8.27-1+deb10u3
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/Fix-the-memset-offset-when-converting-a-v1-timestamp.patch')
-rw-r--r--debian/patches/Fix-the-memset-offset-when-converting-a-v1-timestamp.patch30
1 files changed, 30 insertions, 0 deletions
diff --git a/debian/patches/Fix-the-memset-offset-when-converting-a-v1-timestamp.patch b/debian/patches/Fix-the-memset-offset-when-converting-a-v1-timestamp.patch
new file mode 100644
index 0000000..aa46b0f
--- /dev/null
+++ b/debian/patches/Fix-the-memset-offset-when-converting-a-v1-timestamp.patch
@@ -0,0 +1,30 @@
+From 6ab23a7a9fe7be865e5c93363b520c704867326a Mon Sep 17 00:00:00 2001
+From: "Todd C. Miller" <Todd.Miller@sudo.ws>
+Date: Wed, 20 Jan 2021 09:04:12 +0100
+Subject: [PATCH 4/5] Fix the memset offset when converting a v1 timestamp to
+ TS_LOCKEXCL.
+
+We want to zero the struct starting at flags, not type (which was just set).
+Found by Qualys.
+---
+ plugins/sudoers/timestamp.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/plugins/sudoers/timestamp.c b/plugins/sudoers/timestamp.c
+index ace568e5a4fe..dfc9bdfc5f26 100644
+--- a/plugins/sudoers/timestamp.c
++++ b/plugins/sudoers/timestamp.c
+@@ -643,8 +643,8 @@ timestamp_lock(void *vcookie, struct passwd *pw)
+ if (entry.size == sizeof(struct timestamp_entry_v1)) {
+ /* Old sudo record, convert it to TS_LOCKEXCL. */
+ entry.type = TS_LOCKEXCL;
+- memset((char *)&entry + offsetof(struct timestamp_entry, type), 0,
+- nread - offsetof(struct timestamp_entry, type));
++ memset((char *)&entry + offsetof(struct timestamp_entry, flags), 0,
++ nread - offsetof(struct timestamp_entry, flags));
+ if (ts_write(cookie->fd, cookie->fname, &entry, 0) == -1)
+ debug_return_bool(false);
+ } else {
+--
+2.30.0
+