Fix NULL dereference with "sudo -g group" when the sudoers rule has

no runas user or group listed.  Fixes RedHat bug Bug 667103.

--HG--
branch : 1.7

diff --git a/match.c b/match.c
index 9d081f02351ea2a8118d743289fd08d033520fc4..ad7725ebdd9d0528e5f8dd0d677235aab1a103d7 100644 (file)
--- a/match.c
+++ b/match.c
@@ -174,10 +174,11 @@ _runaslist_matches(user_list, group_list)
     int user_matched = UNSPEC;
     int group_matched = UNSPEC;
 
-    if (tq_empty(user_list) && tq_empty(group_list))
-       return(userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw));
-
     if (runas_pw != NULL) {
+       /* If no runas user or runas group listed in sudoers, use default. */
+       if (tq_empty(user_list) && tq_empty(group_list))
+           return(userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw));
+
        tq_foreach_rev(user_list, m) {
            switch (m->type) {
                case ALL: