From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Tue, 4 Jan 2011 17:44:39 +0000 (-0500)
Subject: Fix NULL dereference with "sudo -g group" when the sudoers rule has
X-Git-Tag: SUDO_1_8_0~102
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b92b745eaf8eea4d44c2f80fc098b614678d6603;p=sudo

Fix NULL dereference with "sudo -g group" when the sudoers rule has
no runas user or group listed.  Fixes RedHat bug Bug 667103.
---

diff --git a/plugins/sudoers/match.c b/plugins/sudoers/match.c
index 4a245422f..0f74d61da 100644
--- a/plugins/sudoers/match.c
+++ b/plugins/sudoers/match.c
@@ -165,10 +165,11 @@ _runaslist_matches(struct member_list *user_list, struct member_list *group_list
     int user_matched = UNSPEC;
     int group_matched = UNSPEC;
 
-    if (tq_empty(user_list) && tq_empty(group_list))
-	return(userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw));
-
     if (runas_pw != NULL) {
+	/* If no runas user or runas group listed in sudoers, use default. */
+	if (tq_empty(user_list) && tq_empty(group_list))
+	    return(userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw));
+
 	tq_foreach_rev(user_list, m) {
 	    switch (m->type) {
 		case ALL: