]> granicus.if.org Git - sudo/commit
projects / sudo / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 63adb21) | patch
When checking for old-style bash functions in the environment, check
authorTodd C. Miller <Todd.Miller@courtesan.com>
Wed, 26 Oct 2016 17:22:30 +0000 (11:22 -0600)
committerTodd C. Miller <Todd.Miller@courtesan.com>
Wed, 26 Oct 2016 17:22:30 +0000 (11:22 -0600)
commit4c8988d4833f79c5179c3fb22d5e3051bb84e526
tree32f21bab8df750fa16d0e5c4b5c254c00fa2e635tree | snapshot
parent63adb21cea778644e39d4e176f43c9b9ef32850fcommit | diff
When checking for old-style bash functions in the environment, check
for values starting with "() " (note the trailing space) rather
than "()".  Bash will only treat the value as a function if the
space after "()" is present.  The trailing space was already present
in the compare string but when it was added, the length passed to
strncmp() was not updated from 3 to 4.
Found by PVS-Studio.  No security impact.
plugins/sudoers/env.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.