From 8fa4ef591cff2437fa09f2e4f769a3959fcbb676 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Sun, 14 Sep 2008 20:07:49 +0000
Subject: [PATCH] Check EDITOR/VISUAL to make sure sudoedit is not re-invoking
 itself or sudo. This allows one to set EDITOR to sudoedit without getting
 into an infinite loop of sudoedit running itself until the path gets too big.

---
 sudo_edit.c | 55 +++++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 41 insertions(+), 14 deletions(-)

diff --git a/sudo_edit.c b/sudo_edit.c
index 8548d7a50..29bc4cf29 100644
--- a/sudo_edit.c
+++ b/sudo_edit.c
@@ -62,10 +62,13 @@ __unused static const char rcsid[] = "$Sudo$";
 extern sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp;
 extern char **environ;
 
+static char *find_editor();
+
 /*
  * Wrapper to allow users to edit privileged files with their own uid.
  */
-int sudo_edit(argc, argv, envp)
+int
+sudo_edit(argc, argv, envp)
     int argc;
     char **argv;
     char **envp;
@@ -189,20 +192,8 @@ int sudo_edit(argc, argv, envp)
     if (argc == 1)
 	return(1);			/* no files readable, you lose */
 
-    /*
-     * Determine which editor to use.  We don't bother restricting this
-     * based on def_env_editor or def_editor since the editor runs with
-     * the uid of the invoking user, not the runas (privileged) user.
-     */
     environ = envp;
-    if (((editor = getenv("VISUAL")) != NULL && *editor != '\0') ||
-	((editor = getenv("EDITOR")) != NULL && *editor != '\0')) {
-	editor = estrdup(editor);
-    } else {
-	editor = estrdup(def_editor);
-	if ((cp = strchr(editor, ':')) != NULL)
-	    *cp = '\0';			/* def_editor could be a path */
-    }
+    editor = find_editor();
 
     /*
      * Allocate space for the new argument vector and fill it in.
@@ -358,3 +349,39 @@ cleanup:
     }
     return(1);
 }
+
+/*
+ * Determine which editor to use.  We don't bother restricting this
+ * based on def_env_editor or def_editor since the editor runs with
+ * the uid of the invoking user, not the runas (privileged) user.
+ */
+static char *
+find_editor()
+{
+    char *cp, *editor = NULL, **ev, *ev0[3];
+
+    ev0[0] = "VISUAL";
+    ev0[1] = "EDITOR";
+    ev0[2] = NULL;
+    for (ev = ev0; *ev != NULL; ev++) {
+	if ((editor = getenv(*ev)) != NULL && *editor != '\0') {
+	    if ((cp = strrchr(editor, '/')) != NULL)
+		cp++;
+	    else
+		cp = editor;
+	    /* Ignore "sudoedit" and "sudo" to avoid an endless loop. */
+	    if (strncmp(cp, "sudo", 4) != 0 ||
+		(cp[4] != ' ' && cp[4] != '\0' && strcmp(cp + 4, "edit") != 0)) {
+		editor = estrdup(editor);
+		break;
+	    }
+	}
+	editor = NULL;
+    }
+    if (editor == NULL) {
+	editor = estrdup(def_editor);
+	if ((cp = strchr(editor, ':')) != NULL)
+	    *cp = '\0';			/* def_editor could be a path */
+    }
+    return(editor);
+}
-- 
2.40.0