Don't init the private environment in rebuild_env() since it may

have already been done implicitly sudo_setenv/sudo_unsetenv.

Multiply length by sizeof(char *) in memcpy/memmove when copying
the environment so we copy the full thing.

Add missing set of parens so we deref the right pointer in
sudo_unsetenv when searching for a matching variable.

diff --git a/env.c b/env.c
index 901c35e98469a06ec0cfe95d0e06ff3e6129fd2d..7ef93c8018dd3c47ecebf178bf1acfb512388da9 100644 (file)
--- a/env.c
+++ b/env.c
@@ -229,7 +229,7 @@ sync_env()
        env.env_size = evlen + 1 + 128;
        env.envp = emalloc2(env.env_size, sizeof(char *));
     }
-    memcpy(env.envp, environ, evlen + 1);
+    memcpy(env.envp, environ, (evlen + 1) * sizeof(char *));
     env.env_len = evlen;
     environ = env.envp;
 }
@@ -309,9 +309,10 @@ sudo_unsetenv(var)
 
     varlen = strlen(var);
     for (nep = env.envp; *nep; nep++) {
-       if (strncmp(var, *nep, varlen) == 0 && *nep[varlen] == '=') {
+       if (strncmp(var, *nep, varlen) == 0 && (*nep)[varlen] == '=') {
            /* Found it; move everything over by one and update len. */
-           memmove(nep, nep + 1, env.env_len - (nep - env.envp));
+           memmove(nep, nep + 1,
+               (env.env_len - (nep - env.envp)) * sizeof(char *));
            env.env_len--;
            return;
        }
@@ -464,9 +465,6 @@ rebuild_env(sudo_mode, noexec)
      */
     ps1 = NULL;
     didvar = 0;
-    env.env_len = 0;
-    env.env_size = 128;
-    env.envp = emalloc2(env.env_size, sizeof(char *));
     if (def_env_reset) {
        /* Pull in vars we want to keep from the old environment. */
        for (ep = environ; *ep; ep++) {