1 files changed, 112 insertions, 0 deletions
diff --git a/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch b/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch
new file mode 100644
index 0000000000..453a8b09a4
--- /dev/null
+++ b/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch
@@ -0,0 +1,112 @@
+From 396bc57feff3e360007634f62448b64e0626390c Mon Sep 17 00:00:00 2001
+From: "Todd C. Miller" <Todd.Miller@sudo.ws>
+Date: Thu, 10 Oct 2019 10:04:13 -0600
+Subject: [PATCH] Add sudo_strtoid() tests for -1 and range errors. Also adjust
+ testsudoers/test5 which relied upon gid -1 parsing.
+Upstream-Status: Backport [https://github.com/sudo-project/sudo/commit/396bc57]
+CVE: CVE-2019-14287
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ lib/util/regress/atofoo/atofoo_test.c            | 36 ++++++++++++++++------
+ plugins/sudoers/regress/testsudoers/test5.out.ok |  2 +-
+ plugins/sudoers/regress/testsudoers/test5.sh     |  2 +-
+ 3 files changed, 29 insertions(+), 11 deletions(-)
+diff --git a/lib/util/regress/atofoo/atofoo_test.c b/lib/util/regress/atofoo/atofoo_test.c
+index 031a7ed..fb41c1a 100644
+--- a/lib/util/regress/atofoo/atofoo_test.c
+++ b/lib/util/regress/atofoo/atofoo_test.c
+@@ -26,6 +26,7 @@
+ #else
+ # include "compat/stdbool.h"
+ #endif
+#include <errno.h>
+ 
+ #include "sudo_compat.h"
+ #include "sudo_util.h"
+@@ -80,15 +81,20 @@ static struct strtoid_data {
+     id_t id;
+     const char *sep;
+     const char *ep;
+    int errnum;
+ } strtoid_data[] = {
+-    { "0,1", 0, ",", "," },
+-    { "10", 10, NULL, NULL },
+-    { "-2", -2, NULL, NULL },
+    { "0,1", 0, ",", ",", 0 },
+    { "10", 10, NULL, NULL, 0 },
+    { "-1", 0, NULL, NULL, EINVAL },
+    { "4294967295", 0, NULL, NULL, EINVAL },
+    { "4294967296", 0, NULL, NULL, ERANGE },
+    { "-2147483649", 0, NULL, NULL, ERANGE },
+    { "-2", -2, NULL, NULL, 0 },
+ #if SIZEOF_ID_T != SIZEOF_LONG_LONG
+-    { "-2", (id_t)4294967294U, NULL, NULL },
+    { "-2", (id_t)4294967294U, NULL, NULL, 0 },
+ #endif
+-    { "4294967294", (id_t)4294967294U, NULL, NULL },
+-    { NULL, 0, NULL, NULL }
+    { "4294967294", (id_t)4294967294U, NULL, NULL, 0 },
+    { NULL, 0, NULL, NULL, 0 }
+ };
+ 
+ static int
+@@ -104,11 +110,23 @@ test_strtoid(int *ntests)
+        (*ntests)++;
+        errstr = "some error";
+        value = sudo_strtoid(d->idstr, d->sep, &ep, &errstr);
+-       if (errstr != NULL) {
+-           if (d->id != (id_t)-1) {
+-               sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr);
+       if (d->errnum != 0) {
+           if (errstr == NULL) {
+               sudo_warnx_nodebug("FAIL: %s: missing errstr for errno %d",
+                   d->idstr, d->errnum);
+               errors++;
+           } else if (value != 0) {
+               sudo_warnx_nodebug("FAIL: %s should return 0 on error",
+                   d->idstr);
+               errors++;
+           } else if (errno != d->errnum) {
+               sudo_warnx_nodebug("FAIL: %s: errno mismatch, %d != %d",
+                   d->idstr, errno, d->errnum);
+                errors++;
+            }
+       } else if (errstr != NULL) {
+           sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr);
+           errors++;
+        } else if (value != d->id) {
+            sudo_warnx_nodebug("FAIL: %s != %u", d->idstr, (unsigned int)d->id);
+            errors++;
+diff --git a/plugins/sudoers/regress/testsudoers/test5.out.ok b/plugins/sudoers/regress/testsudoers/test5.out.ok
+index 5e319c9..cecf700 100644
+--- a/plugins/sudoers/regress/testsudoers/test5.out.ok
+++ b/plugins/sudoers/regress/testsudoers/test5.out.ok
+@@ -4,7 +4,7 @@ Parse error in sudoers near line 1.
+ Entries for user root:
+ 
+ Command unmatched
+-testsudoers: test5.inc should be owned by gid 4294967295
+testsudoers: test5.inc should be owned by gid 4294967294
+ Parse error in sudoers near line 1.
+ 
+ Entries for user root:
+diff --git a/plugins/sudoers/regress/testsudoers/test5.sh b/plugins/sudoers/regress/testsudoers/test5.sh
+index 9e690a6..94d585c 100755
+--- a/plugins/sudoers/regress/testsudoers/test5.sh
+++ b/plugins/sudoers/regress/testsudoers/test5.sh
+@@ -24,7 +24,7 @@ EOF
+ 
+ # Test group writable
+ chmod 664 $TESTFILE
+-./testsudoers -U $MYUID -G -1 root id <<EOF
+./testsudoers -U $MYUID -G -2 root id <<EOF
+ #include $TESTFILE
+ EOF
+ 
+-- 
+2.7.4

diff --git a/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch b/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch new file mode 100644 index 0000000000..453a8b09a4 --- /dev/null +++ b/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch
@@ -0,0 +1,112 @@
	1	From 396bc57feff3e360007634f62448b64e0626390c Mon Sep 17 00:00:00 2001
	2	From: "Todd C. Miller" <Todd.Miller@sudo.ws>
	3	Date: Thu, 10 Oct 2019 10:04:13 -0600
	4	Subject: [PATCH] Add sudo_strtoid() tests for -1 and range errors. Also adjust
	5	testsudoers/test5 which relied upon gid -1 parsing.
	6
	7	Upstream-Status: Backport [https://github.com/sudo-project/sudo/commit/396bc57]
	8	CVE: CVE-2019-14287
	9
	10	Signed-off-by: Changqing Li <changqing.li@windriver.com>
	11
	12	---
	13	lib/util/regress/atofoo/atofoo_test.c \| 36 ++++++++++++++++------
	14	plugins/sudoers/regress/testsudoers/test5.out.ok \| 2 +-
	15	plugins/sudoers/regress/testsudoers/test5.sh \| 2 +-
	16	3 files changed, 29 insertions(+), 11 deletions(-)
	17
	18	diff --git a/lib/util/regress/atofoo/atofoo_test.c b/lib/util/regress/atofoo/atofoo_test.c
	19	index 031a7ed..fb41c1a 100644
	20	--- a/lib/util/regress/atofoo/atofoo_test.c
	21	+++ b/lib/util/regress/atofoo/atofoo_test.c
	22	@@ -26,6 +26,7 @@
	23	#else
	24	# include "compat/stdbool.h"
	25	#endif
	26	+#include <errno.h>
	27
	28	#include "sudo_compat.h"
	29	#include "sudo_util.h"
	30	@@ -80,15 +81,20 @@ static struct strtoid_data {
	31	id_t id;
	32	const char *sep;
	33	const char *ep;
	34	+ int errnum;
	35	} strtoid_data[] = {
	36	- { "0,1", 0, ",", "," },
	37	- { "10", 10, NULL, NULL },
	38	- { "-2", -2, NULL, NULL },
	39	+ { "0,1", 0, ",", ",", 0 },
	40	+ { "10", 10, NULL, NULL, 0 },
	41	+ { "-1", 0, NULL, NULL, EINVAL },
	42	+ { "4294967295", 0, NULL, NULL, EINVAL },
	43	+ { "4294967296", 0, NULL, NULL, ERANGE },
	44	+ { "-2147483649", 0, NULL, NULL, ERANGE },
	45	+ { "-2", -2, NULL, NULL, 0 },
	46	#if SIZEOF_ID_T != SIZEOF_LONG_LONG
	47	- { "-2", (id_t)4294967294U, NULL, NULL },
	48	+ { "-2", (id_t)4294967294U, NULL, NULL, 0 },
	49	#endif
	50	- { "4294967294", (id_t)4294967294U, NULL, NULL },
	51	- { NULL, 0, NULL, NULL }
	52	+ { "4294967294", (id_t)4294967294U, NULL, NULL, 0 },
	53	+ { NULL, 0, NULL, NULL, 0 }
	54	};
	55
	56	static int
	57	@@ -104,11 +110,23 @@ test_strtoid(int *ntests)
	58	(*ntests)++;
	59	errstr = "some error";
	60	value = sudo_strtoid(d->idstr, d->sep, &ep, &errstr);
	61	- if (errstr != NULL) {
	62	- if (d->id != (id_t)-1) {
	63	- sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr);
	64	+ if (d->errnum != 0) {
	65	+ if (errstr == NULL) {
	66	+ sudo_warnx_nodebug("FAIL: %s: missing errstr for errno %d",
	67	+ d->idstr, d->errnum);
	68	+ errors++;
	69	+ } else if (value != 0) {
	70	+ sudo_warnx_nodebug("FAIL: %s should return 0 on error",
	71	+ d->idstr);
	72	+ errors++;
	73	+ } else if (errno != d->errnum) {
	74	+ sudo_warnx_nodebug("FAIL: %s: errno mismatch, %d != %d",
	75	+ d->idstr, errno, d->errnum);
	76	errors++;
	77	}
	78	+ } else if (errstr != NULL) {
	79	+ sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr);
	80	+ errors++;
	81	} else if (value != d->id) {
	82	sudo_warnx_nodebug("FAIL: %s != %u", d->idstr, (unsigned int)d->id);
	83	errors++;
	84	diff --git a/plugins/sudoers/regress/testsudoers/test5.out.ok b/plugins/sudoers/regress/testsudoers/test5.out.ok
	85	index 5e319c9..cecf700 100644
	86	--- a/plugins/sudoers/regress/testsudoers/test5.out.ok
	87	+++ b/plugins/sudoers/regress/testsudoers/test5.out.ok
	88	@@ -4,7 +4,7 @@ Parse error in sudoers near line 1.
	89	Entries for user root:
	90
	91	Command unmatched
	92	-testsudoers: test5.inc should be owned by gid 4294967295
	93	+testsudoers: test5.inc should be owned by gid 4294967294
	94	Parse error in sudoers near line 1.
	95
	96	Entries for user root:
	97	diff --git a/plugins/sudoers/regress/testsudoers/test5.sh b/plugins/sudoers/regress/testsudoers/test5.sh
	98	index 9e690a6..94d585c 100755
	99	--- a/plugins/sudoers/regress/testsudoers/test5.sh
	100	+++ b/plugins/sudoers/regress/testsudoers/test5.sh
	101	@@ -24,7 +24,7 @@ EOF
	102
	103	# Test group writable
	104	chmod 664 $TESTFILE
	105	-./testsudoers -U $MYUID -G -1 root id <<EOF
	106	+./testsudoers -U $MYUID -G -2 root id <<EOF
	107	#include $TESTFILE
	108	EOF
	109
	110	--
	111	2.7.4
	112