From: Todd C. Miller <Todd.Miller@sudo.ws>
Date: Mon, 14 May 2018 14:35:48 +0000 (-0600)
Subject: Parse "ALL" as a command correctly.
X-Git-Tag: SUDO_1_8_24^2~89
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=cc3428398a5f31d7f97bb9dd47a9f2a1a9419040;p=sudo

Parse "ALL" as a command correctly.
---

diff --git a/plugins/sudoers/ldap_util.c b/plugins/sudoers/ldap_util.c
index 35e7d76ce..06770d4a4 100644
--- a/plugins/sudoers/ldap_util.c
+++ b/plugins/sudoers/ldap_util.c
@@ -324,29 +324,33 @@ sudo_ldap_role_to_priv(const char *cn, void *hosts, void *runasusers,
 	cmndspec->timeout = UNSPEC;
 
 	/* Fill in member. */
-	m->type = COMMAND;
 	m->negated = negated;
-	m->name = (char *)c;
+	if (strcmp(cmnd, "ALL") == 0) {
+	    m->type = ALL;
+	} else {
+	    m->type = COMMAND;
+	    m->name = (char *)c;
 
-	/* Fill in command with optional digest. */
-	if (sudo_ldap_extract_digest(&cmnd, &digest) != NULL) {
-	    if ((c->digest = malloc(sizeof(*c->digest))) == NULL) {
-		free_member(m);
-		goto oom;
+	    /* Fill in command with optional digest. */
+	    if (sudo_ldap_extract_digest(&cmnd, &digest) != NULL) {
+		if ((c->digest = malloc(sizeof(*c->digest))) == NULL) {
+		    free_member(m);
+		    goto oom;
+		}
+		*c->digest = digest;
 	    }
-	    *c->digest = digest;
-	}
-	if ((args = strpbrk(cmnd, " \t")) != NULL) {
-	    *args++ = '\0';
-	    if ((c->args = strdup(args)) == NULL) {
+	    if ((args = strpbrk(cmnd, " \t")) != NULL) {
+		*args++ = '\0';
+		if ((c->args = strdup(args)) == NULL) {
+		    free_member(m);
+		    goto oom;
+		}
+	    }
+	    if ((c->cmnd = strdup(cmnd)) == NULL) {
 		free_member(m);
 		goto oom;
 	    }
 	}
-	if ((c->cmnd = strdup(cmnd)) == NULL) {
-	    free_member(m);
-	    goto oom;
-	}
 	cmndspec->cmnd = m;
 
 	if (prev_cmndspec != NULL) {