From: Todd C. Miller <Todd.Miller@sudo.ws>
Date: Wed, 25 Apr 2018 20:55:55 +0000 (-0600)
Subject: O_EXEC for fexecve() not O_SEARCH.
X-Git-Tag: SUDO_1_8_23^2~3
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a18e81148593d7e04f2565700a30d8ace53f5de5;p=sudo

O_EXEC for fexecve() not O_SEARCH.
---

diff --git a/plugins/sudoers/match.c b/plugins/sudoers/match.c
index c40c6f411..54e7280f4 100644
--- a/plugins/sudoers/match.c
+++ b/plugins/sudoers/match.c
@@ -70,8 +70,8 @@
 # include "compat/fnmatch.h"
 #endif /* HAVE_FNMATCH */
 
-#if !defined(O_SEARCH) && defined(O_PATH)
-# define O_SEARCH O_PATH
+#if !defined(O_EXEC) && defined(O_PATH)
+# define O_EXEC O_PATH
 #endif
 
 static struct member_list empty = TAILQ_HEAD_INITIALIZER(empty);
@@ -519,11 +519,11 @@ open_cmnd(const char *path, const struct sudo_digest *digest, int *fdp)
 	debug_return_bool(true);
 
     fd = open(path, O_RDONLY|O_NONBLOCK);
-# ifdef O_SEARCH
+# ifdef O_EXEC
     if (fd == -1 && errno == EACCES && digest == NULL) {
-	/* Try again with O_SEARCH if no digest is specified. */
+	/* Try again with O_EXEC if no digest is specified. */
 	const int saved_errno = errno;
-	if ((fd = open(path, O_SEARCH)) == -1)
+	if ((fd = open(path, O_EXEC)) == -1)
 	    errno = saved_errno;
     }
 # endif