Upstream-Status: Backport [https://www.sudo.ws/repos/sudo/rev/09f98816fc89] Signed-off-by: Anuj Mittal CVE: CVE-2021-3156 # HG changeset patch # User Todd C. Miller # Date 1611416640 25200 # Node ID 09f98816fc8978f1d8623a857073d2d5746f0379 # Parent 049ad90590be1e5dfb7df2675d2eb3e37c96ab86 Fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL. We want to zero the struct starting at flags, not type (which was just set). Found by Qualys.
diff -r 049ad90590be -r 09f98816fc89 plugins/sudoers/timestamp.c
--- a/plugins/sudoers/timestamp.c Sat Jan 23 08:43:59 2021 -0700
+++ b/plugins/sudoers/timestamp.c Sat Jan 23 08:44:00 2021 -0700
@@ -643,8 +643,8 @@
 if (entry.size == sizeof(struct timestamp_entry_v1)) {
 /* Old sudo record, convert it to TS_LOCKEXCL. */
 entry.type = TS_LOCKEXCL;
- memset((char *)&entry + offsetof(struct timestamp_entry, type), 0,
- nread - offsetof(struct timestamp_entry, type));
+ memset((char *)&entry + offsetof(struct timestamp_entry, flags), 0,
+ nread - offsetof(struct timestamp_entry, flags));
 if (ts_write(cookie->fd, cookie->fname, &entry, 0) == -1)
 debug_return_bool(false);
 } else {
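Review bot: The length passed to the new memset, `nread - offsetof(struct timestamp_entry, flags)`, has no visible lower bound on `nread`. If the read returned fewer bytes than the offset of `flags`, the subtraction goes negative and, once converted to the size_t length parameter, asks memset to zero far more than `entry` holds. A check on `nread` may already exist above the hunk, since the enclosing function starts and ends outside it. If it does not, tighten the branch condition to `if (entry.size == sizeof(struct timestamp_entry_v1) && (size_t)nread >= offsetof(struct timestamp_entry, flags)) {` so a truncated record takes the `else` path instead. A short comment such as `/* Zero everything after type; nread is known to cover at least the header here. */` would also record the invariant the arithmetic relies on.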