From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Tue, 13 Aug 2013 20:48:24 +0000 (-0600)
Subject: Make sure the mailer exists and is a regular file before trying
X-Git-Tag: SUDO_1_8_8^2~71
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=04b290e385ff75feb6d816cbfbf315488810f7d8;p=sudo

Make sure the mailer exists and is a regular file before trying
to exec it.
---

diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c
index eee0f2d5a..a53581d94 100644
--- a/plugins/sudoers/logging.c
+++ b/plugins/sudoers/logging.c
@@ -542,6 +542,7 @@ send_mail(const char *fmt, ...)
     int fd, pfd[2], status;
     pid_t pid, rv;
     sigaction_t sa;
+    struct stat sb;
     va_list ap;
 #ifndef NO_ROOT_MAILER
     static char *root_envp[] = {
@@ -559,6 +560,10 @@ send_mail(const char *fmt, ...)
     if (!def_mailerpath || !def_mailto)
 	debug_return;
 
+    /* Make sure the mailer exists and is a regular file. */
+    if (stat(def_mailerpath, &sb) != 0 || !S_ISREG(sb.st_mode))
+	debug_return;
+
     /* Fork and return, child will daemonize. */
     switch (pid = sudo_debug_fork()) {
 	case -1: