From 9074a28784f47cda5fc1a320e87e92e42df6d070 Mon Sep 17 00:00:00 2001 From: zhangruifang2020 Date: Tue, 28 Nov 2023 14:18:43 +0800 Subject: [PATCH] Backport patches from upstream community --- ...if-do-not-free-parse_tree-before-usi.patch | 28 +++++++++++++++++++ sudo.spec | 6 +++- 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 backport-sudoers_parse_ldif-do-not-free-parse_tree-before-usi.patch diff --git a/backport-sudoers_parse_ldif-do-not-free-parse_tree-before-usi.patch b/backport-sudoers_parse_ldif-do-not-free-parse_tree-before-usi.patch new file mode 100644 index 0000000..3b1dec1 --- /dev/null +++ b/backport-sudoers_parse_ldif-do-not-free-parse_tree-before-usi.patch @@ -0,0 +1,28 @@ +From a712af5a26d886d1db88d77575b7998a1944d3a9 Mon Sep 17 00:00:00 2001 +From: "Todd C. Miller" +Date: Fri, 18 Aug 2023 12:22:43 -0600 +Subject: [PATCH] sudoers_parse_ldif: do not free parse_tree before using + +The user is expected to pass in an initialized and empty parse_tree +so there is no need to free it first. +--- + plugins/sudoers/parse_ldif.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/plugins/sudoers/parse_ldif.c b/plugins/sudoers/parse_ldif.c +index a9944171b..98d84488a 100644 +--- a/plugins/sudoers/parse_ldif.c ++++ b/plugins/sudoers/parse_ldif.c +@@ -582,9 +582,6 @@ sudoers_parse_ldif(struct sudoers_parse_tree *parse_tree, + int errors = 0; + debug_decl(sudoers_parse_ldif, SUDOERS_DEBUG_UTIL); + +- /* Free old contents of the parse tree (if any). */ +- free_parse_tree(parse_tree); +- + /* + * We cache user, group and host lists to make it eay to detect when there + * are identical lists (simple pointer compare). This makes it possible +-- +2.33.0 + diff --git a/sudo.spec b/sudo.spec index 09aa2f9..2699177 100644 --- a/sudo.spec +++ b/sudo.spec @@ -1,6 +1,6 @@ Name: sudo Version: 1.9.8p2 -Release: 14 +Release: 15 Summary: Allows restricted root access for specified users License: ISC URL: http://www.courtesan.com/sudo/ @@ -38,6 +38,7 @@ Patch24: backport-sudo_putenv_nodebug-require-that-the-environment-str.patch Patch25: backport-Linux-execve-2-allows-argv-or-envp-to-be-NULL.patch Patch26: backport-Fix-potential-NULL-pointer-deference-found-by-clang-.patch Patch27: backport-Set-command_info-to-NULL-once-it-is-freed.patch +Patch28: backport-sudoers_parse_ldif-do-not-free-parse_tree-before-usi.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: pam @@ -188,6 +189,9 @@ install -p -c -m 0644 %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/sudo-i %exclude %{_pkgdocdir}/ChangeLog %changelog +* Tue Nov 28 2023 zhangruifang - 1.9.8p2-15 +- Backport patches from upstream community + * Mon Aug 07 2023 zhoushuiqing - 1.9.8p2-14 - Backport patche from upstream community -- Gitee