1 files changed, 30 insertions, 0 deletions

diff --git a/debian/patches/Fix-the-memset-offset-when-converting-a-v1-timestamp.patch b/debian/patches/Fix-the-memset-offset-when-converting-a-v1-timestamp.patch
new file mode 100644
index 0000000..aa46b0f
--- /dev/null
+++ b/debian/patches/Fix-the-memset-offset-when-converting-a-v1-timestamp.patch
@@ -0,0 +1,30 @@
+From 6ab23a7a9fe7be865e5c93363b520c704867326a Mon Sep 17 00:00:00 2001
+From: "Todd C. Miller" <Todd.Miller@sudo.ws>
+Date: Wed, 20 Jan 2021 09:04:12 +0100
+Subject: [PATCH 4/5] Fix the memset offset when converting a v1 timestamp to
+ TS_LOCKEXCL.
+
+We want to zero the struct starting at flags, not type (which was just set).
+Found by Qualys.
+---
+ plugins/sudoers/timestamp.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/plugins/sudoers/timestamp.c b/plugins/sudoers/timestamp.c
+index ace568e5a4fe..dfc9bdfc5f26 100644
+--- a/plugins/sudoers/timestamp.c
++++ b/plugins/sudoers/timestamp.c
+@@ -643,8 +643,8 @@ timestamp_lock(void *vcookie, struct passwd *pw)
+ 	if (entry.size == sizeof(struct timestamp_entry_v1)) {
+ 	    /* Old sudo record, convert it to TS_LOCKEXCL. */
+ 	    entry.type = TS_LOCKEXCL;
+-	    memset((char *)&entry + offsetof(struct timestamp_entry, type), 0,
+-		nread - offsetof(struct timestamp_entry, type));
++	    memset((char *)&entry + offsetof(struct timestamp_entry, flags), 0,
++		nread - offsetof(struct timestamp_entry, flags));
+ 	    if (ts_write(cookie->fd, cookie->fname, &entry, 0) == -1)
+ 		debug_return_bool(false);
+ 	} else {
+-- 
+2.30.0
+