From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Wed, 11 May 2016 20:02:43 +0000 (-0600)
Subject: Repair SELinux support, broken by 397722cdd7ec.
X-Git-Tag: SUDO_1_8_17^2~70
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d3622b0f2c96fb57b9b60d168beff78c892dbb49;p=sudo

Repair SELinux support, broken by 397722cdd7ec.
From Daniel Kopecek.
---

diff --git a/src/selinux.c b/src/selinux.c
index e2d375b3d..c61eed94d 100644
--- a/src/selinux.c
+++ b/src/selinux.c
@@ -379,7 +379,7 @@ selinux_execve(int fd, const char *path, char *const argv[], char *envp[],
 {
     char **nargv;
     const char *sesh;
-    int argc, serrno;
+    int argc, nargc, serrno;
     debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)
 
     sesh = sudo_conf_sesh_path();
@@ -410,9 +410,7 @@ selinux_execve(int fd, const char *path, char *const argv[], char *envp[],
      */
     for (argc = 0; argv[argc] != NULL; argc++)
 	continue;
-    if (fd != -1)
-	argc++;
-    nargv = reallocarray(NULL, argc + 2, sizeof(char *));
+    nargv = reallocarray(NULL, argc + 3, sizeof(char *));
     if (nargv == NULL) {
 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
 	debug_return;
@@ -421,13 +419,13 @@ selinux_execve(int fd, const char *path, char *const argv[], char *envp[],
 	nargv[0] = *argv[0] == '-' ? "-sesh-noexec" : "sesh-noexec";
     else
 	nargv[0] = *argv[0] == '-' ? "-sesh" : "sesh";
-    argc = 1;
-    if (fd != -1 && asprintf(&nargv[argc++], "--execfd=%d", fd) == -1) {
+    nargc = 1;
+    if (fd != -1 && asprintf(&nargv[nargc++], "--execfd=%d", fd) == -1) {
 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
 	debug_return;
     }
-    nargv[argc] = (char *)path;
-    memcpy(&nargv[argc + 1], &argv[argc], argc * sizeof(char *)); /* copies NULL */
+    nargv[nargc++] = (char *)path;
+    memcpy(&nargv[nargc], &argv[argc], argc * sizeof(char *)); /* copies NULL */
 
     /* sesh will handle noexec for us. */
     sudo_execve(-1, sesh, nargv, envp, false);