From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Sat, 24 Oct 2015 12:20:20 +0000 (-0600)
Subject: When creating a new file, sudoedit will now check that the file's
X-Git-Tag: SUDO_1_8_15^2~10
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5d66b840d8f614775aab03091a478b5cf9cb1341;p=sudo

When creating a new file, sudoedit will now check that the file's
parent directory exists before running the editor.
---

diff --git a/NEWS b/NEWS
index c47334a29..ae2a232c1 100644
--- a/NEWS
+++ b/NEWS
@@ -83,6 +83,9 @@ What's new in Sudo 1.8.15
    to the group plugin.  Previously, unknown system groups were
    always passed to the group plugin.
 
+ * When creating a new file, sudoedit will now check that the file's
+   parent directory exists before running the editor.
+
 What's new in Sudo 1.8.14p3
 
  * Fixed a bug introduced in sudo 1.8.14p2 that prevented sudo
diff --git a/src/sudo_edit.c b/src/sudo_edit.c
index ca8442103..6a2cec564 100644
--- a/src/sudo_edit.c
+++ b/src/sudo_edit.c
@@ -387,8 +387,21 @@ sudo_edit_create_tfiles(struct command_details *command_details,
 	ofd = sudo_edit_open(files[i], O_RDONLY, 0644, command_details->flags);
 	if (ofd != -1 || errno == ENOENT) {
 	    if (ofd == -1) {
-		memset(&sb, 0, sizeof(sb));		/* new file */
-		rc = 0;
+		/* New file, verify parent dir exists unless in cwd. */
+		char *slash = strrchr(files[i], '/');
+		if (slash != NULL && slash != files[i]) {
+		    int serrno = errno;
+		    *slash = '\0';
+		    if (stat(files[i], &sb) == 0 && S_ISDIR(sb.st_mode)) {
+			memset(&sb, 0, sizeof(sb));
+			rc = 0;
+		    }
+		    *slash = '/';
+		    errno = serrno;
+		} else {
+		    memset(&sb, 0, sizeof(sb));
+		    rc = 0;
+		}
 	    } else {
 		rc = fstat(ofd, &sb);
 	    }