From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Wed, 16 Mar 2011 19:59:50 +0000 (-0400)
Subject: Be careful not to deref user_stat if it is NULL.  This cannot currently
X-Git-Tag: SUDO_1_7_6~44
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=26eb810993f577856a6f9041a0420a0a76696385;p=sudo

Be careful not to deref user_stat if it is NULL.  This cannot currently
happen in sudo but might in other programs using the parser.

--HG--
branch : 1.7
---

diff --git a/match.c b/match.c
index fd63bfbba..ba299e19d 100644
--- a/match.c
+++ b/match.c
@@ -606,8 +606,9 @@ command_matches_dir(sudoers_dir, dlen)
 	if (strcmp(user_base, dent->d_name) != 0 ||
 	    stat(buf, &sudoers_stat) == -1)
 	    continue;
-	if (user_stat->st_dev == sudoers_stat.st_dev &&
-	    user_stat->st_ino == sudoers_stat.st_ino) {
+	if (user_stat == NULL ||
+	    (user_stat->st_dev == sudoers_stat.st_dev &&
+	    user_stat->st_ino == sudoers_stat.st_ino)) {
 	    efree(safe_cmnd);
 	    safe_cmnd = estrdup(buf);
 	    break;