When checking for old-style bash functions in the environment, check

for values starting with "() " (note the trailing space) rather
than "()".  Bash will only treat the value as a function if the
space after "()" is present.  The trailing space was already present
in the compare string but when it was added, the length passed to
strncmp() was not updated from 3 to 4.
Found by PVS-Studio.  No security impact.

diff --git a/plugins/sudoers/env.c b/plugins/sudoers/env.c
index dd11e10a577e8843911704dd13fa2f463918116f..22e0b7d0a5f877f80fbcd5057a04d5a5e6815da2 100644 (file)
--- a/plugins/sudoers/env.c
+++ b/plugins/sudoers/env.c
@@ -715,7 +715,7 @@ env_should_delete(const char *var)
 
     /* Skip variables with values beginning with () (bash functions) */
     if ((cp = strchr(var, '=')) != NULL) {
-       if (strncmp(cp, "=() ", 3) == 0) {
+       if (strncmp(cp, "=() ", 4) == 0) {
            delete_it = true;
            goto done;
        }
@@ -750,7 +750,7 @@ env_should_keep(const char *var)
     /* Skip bash functions unless we matched on the value as well as name. */
     if (keepit && !full_match) {
        if ((cp = strchr(var, '=')) != NULL) {
-           if (strncmp(cp, "=() ", 3) == 0)
+           if (strncmp(cp, "=() ", 4) == 0)
                keepit = false;
        }
     }