summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/sudo/sudo/CVE-2019-14287_p2.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-extended/sudo/sudo/CVE-2019-14287_p2.patch')
-rw-r--r--meta/recipes-extended/sudo/sudo/CVE-2019-14287_p2.patch98
1 files changed, 98 insertions, 0 deletions
diff --git a/meta/recipes-extended/sudo/sudo/CVE-2019-14287_p2.patch b/meta/recipes-extended/sudo/sudo/CVE-2019-14287_p2.patch
new file mode 100644
index 0000000000..dcb2703d23
--- /dev/null
+++ b/meta/recipes-extended/sudo/sudo/CVE-2019-14287_p2.patch
@@ -0,0 +1,98 @@
1CVE: CVE-2019-14287
2Upstream-Status: Backport
3[https://www.sudo.ws/repos/sudo/rev/db06a8336c09]
4
5Signed-off-by: Dan Tran <dantran@microsoft.com>
6
7Index: sudo-1.8.21p2/lib/util/regress/atofoo/atofoo_test.c
8===================================================================
9--- sudo-1.8.21p2.orig/lib/util/regress/atofoo/atofoo_test.c 2019-10-11 07:11:49.874655384 -0400
10+++ sudo-1.8.21p2/lib/util/regress/atofoo/atofoo_test.c 2019-10-11 07:13:07.471005893 -0400
11@@ -24,6 +24,7 @@
12 #else
13 # include "compat/stdbool.h"
14 #endif
15+#include <errno.h>
16
17 #include "sudo_compat.h"
18 #include "sudo_util.h"
19@@ -78,15 +79,20 @@ static struct strtoid_data {
20 id_t id;
21 const char *sep;
22 const char *ep;
23+ int errnum;
24 } strtoid_data[] = {
25- { "0,1", 0, ",", "," },
26- { "10", 10, NULL, NULL },
27- { "-2", -2, NULL, NULL },
28+ { "0,1", 0, ",", ",", 0 },
29+ { "10", 10, NULL, NULL, 0 },
30+ { "-1", 0, NULL, NULL, EINVAL },
31+ { "4294967295", 0, NULL, NULL, EINVAL },
32+ { "4294967296", 0, NULL, NULL, ERANGE },
33+ { "-2147483649", 0, NULL, NULL, ERANGE },
34+ { "-2", -2, NULL, NULL, 0 },
35 #if SIZEOF_ID_T != SIZEOF_LONG_LONG
36- { "-2", 4294967294U, NULL, NULL },
37+ { "-2", (id_t)4294967294U, NULL, NULL, 0 },
38 #endif
39- { "4294967294", 4294967294U, NULL, NULL },
40- { NULL, 0, NULL, NULL }
41+ { "4294967294", (id_t)4294967294U, NULL, NULL, 0 },
42+ { NULL, 0, NULL, NULL, 0 }
43 };
44
45 static int
46@@ -102,11 +108,23 @@ test_strtoid(int *ntests)
47 (*ntests)++;
48 errstr = "some error";
49 value = sudo_strtoid(d->idstr, d->sep, &ep, &errstr);
50- if (errstr != NULL) {
51- if (d->id != (id_t)-1) {
52- sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr);
53+ if (d->errnum != 0) {
54+ if (errstr == NULL) {
55+ sudo_warnx_nodebug("FAIL: %s: missing errstr for errno %d",
56+ d->idstr, d->errnum);
57+ errors++;
58+ } else if (value != 0) {
59+ sudo_warnx_nodebug("FAIL: %s should return 0 on error",
60+ d->idstr);
61+ errors++;
62+ } else if (errno != d->errnum) {
63+ sudo_warnx_nodebug("FAIL: %s: errno mismatch, %d != %d",
64+ d->idstr, errno, d->errnum);
65 errors++;
66 }
67+ } else if (errstr != NULL) {
68+ sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr);
69+ errors++;
70 } else if (value != d->id) {
71 sudo_warnx_nodebug("FAIL: %s != %u", d->idstr, (unsigned int)d->id);
72 errors++;
73Index: sudo-1.8.21p2/plugins/sudoers/regress/testsudoers/test5.out.ok
74===================================================================
75--- sudo-1.8.21p2.orig/plugins/sudoers/regress/testsudoers/test5.out.ok 2019-10-11 07:11:49.874655384 -0400
76+++ sudo-1.8.21p2/plugins/sudoers/regress/testsudoers/test5.out.ok 2019-10-11 07:11:49.870655365 -0400
77@@ -4,7 +4,7 @@ Parse error in sudoers near line 1.
78 Entries for user root:
79
80 Command unmatched
81-testsudoers: test5.inc should be owned by gid 4294967295
82+testsudoers: test5.inc should be owned by gid 4294967294
83 Parse error in sudoers near line 1.
84
85 Entries for user root:
86Index: sudo-1.8.21p2/plugins/sudoers/regress/testsudoers/test5.sh
87===================================================================
88--- sudo-1.8.21p2.orig/plugins/sudoers/regress/testsudoers/test5.sh 2019-10-11 07:11:49.874655384 -0400
89+++ sudo-1.8.21p2/plugins/sudoers/regress/testsudoers/test5.sh 2019-10-11 07:11:49.870655365 -0400
90@@ -24,7 +24,7 @@ EOF
91
92 # Test group writable
93 chmod 664 $TESTFILE
94-./testsudoers -U $MYUID -G -1 root id <<EOF
95+./testsudoers -U $MYUID -G -2 root id <<EOF
96 #include $TESTFILE
97 EOF
98