26 lines
838 B
Diff
26 lines
838 B
Diff
From 902271f441f61506392588fc26db992e64ae4ecd Mon Sep 17 00:00:00 2001
|
|
From: Sohom <sohom.datta@learner.manipal.edu>
|
|
Date: Wed, 9 Nov 2022 23:20:12 +0530
|
|
Subject: [PATCH] [cvtsudoers]: Prevent sudo from reading into undefined memory
|
|
|
|
---
|
|
plugins/sudoers/parse_ldif.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/plugins/sudoers/parse_ldif.c b/plugins/sudoers/parse_ldif.c
|
|
index 6c2b74aa0..5d2a79163 100644
|
|
--- a/plugins/sudoers/parse_ldif.c
|
|
+++ b/plugins/sudoers/parse_ldif.c
|
|
@@ -688,7 +688,7 @@ sudoers_parse_ldif(struct sudoers_parse_tree *parse_tree,
|
|
if (strncasecmp(attr, "cn=", 3) == 0) {
|
|
for (attr += 3; *attr != '\0'; attr++) {
|
|
/* Handle escaped ',' chars. */
|
|
- if (*attr == '\\')
|
|
+ if (*attr == '\\' && attr[1] != '\0')
|
|
attr++;
|
|
if (*attr == ',') {
|
|
attr++;
|
|
--
|
|
2.27.0
|
|
|