From 092b4b4d0273c5cc2f46355cf2c09075a004016f Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 16 Mar 2011 15:59:44 -0400 Subject: [PATCH] Be careful not to deref user_stat if it is NULL. This cannot currently happen in sudo but might in other programs using the parser. --- plugins/sudoers/match.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/sudoers/match.c b/plugins/sudoers/match.c index a3b65de1f..8e06a4d5c 100644 --- a/plugins/sudoers/match.c +++ b/plugins/sudoers/match.c @@ -580,8 +580,9 @@ command_matches_dir(char *sudoers_dir, size_t dlen) if (strcmp(user_base, dent->d_name) != 0 || stat(buf, &sudoers_stat) == -1) continue; - if (user_stat->st_dev == sudoers_stat.st_dev && - user_stat->st_ino == sudoers_stat.st_ino) { + if (user_stat == NULL || + (user_stat->st_dev == sudoers_stat.st_dev && + user_stat->st_ino == sudoers_stat.st_ino)) { efree(safe_cmnd); safe_cmnd = estrdup(buf); break; -- 2.40.0