From: Todd C. Miller Date: Wed, 16 Mar 2011 19:59:50 +0000 (-0400) Subject: Be careful not to deref user_stat if it is NULL. This cannot currently X-Git-Tag: SUDO_1_7_6~44 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=26eb810993f577856a6f9041a0420a0a76696385;p=sudo Be careful not to deref user_stat if it is NULL. This cannot currently happen in sudo but might in other programs using the parser. --HG-- branch : 1.7 --- diff --git a/match.c b/match.c index fd63bfbba..ba299e19d 100644 --- a/match.c +++ b/match.c @@ -606,8 +606,9 @@ command_matches_dir(sudoers_dir, dlen) if (strcmp(user_base, dent->d_name) != 0 || stat(buf, &sudoers_stat) == -1) continue; - if (user_stat->st_dev == sudoers_stat.st_dev && - user_stat->st_ino == sudoers_stat.st_ino) { + if (user_stat == NULL || + (user_stat->st_dev == sudoers_stat.st_dev && + user_stat->st_ino == sudoers_stat.st_ino)) { efree(safe_cmnd); safe_cmnd = estrdup(buf); break;