diff options
Diffstat (limited to 'meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch')
-rw-r--r-- | meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch | 112 |
1 files changed, 0 insertions, 112 deletions
diff --git a/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch b/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch deleted file mode 100644 index 453a8b09a4..0000000000 --- a/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch +++ /dev/null @@ -1,112 +0,0 @@ -From 396bc57feff3e360007634f62448b64e0626390c Mon Sep 17 00:00:00 2001 -From: "Todd C. Miller" <Todd.Miller@sudo.ws> -Date: Thu, 10 Oct 2019 10:04:13 -0600 -Subject: [PATCH] Add sudo_strtoid() tests for -1 and range errors. Also adjust - testsudoers/test5 which relied upon gid -1 parsing. - -Upstream-Status: Backport [https://github.com/sudo-project/sudo/commit/396bc57] -CVE: CVE-2019-14287 - -Signed-off-by: Changqing Li <changqing.li@windriver.com> - ---- - lib/util/regress/atofoo/atofoo_test.c | 36 ++++++++++++++++------ - plugins/sudoers/regress/testsudoers/test5.out.ok | 2 +- - plugins/sudoers/regress/testsudoers/test5.sh | 2 +- - 3 files changed, 29 insertions(+), 11 deletions(-) - -diff --git a/lib/util/regress/atofoo/atofoo_test.c b/lib/util/regress/atofoo/atofoo_test.c -index 031a7ed..fb41c1a 100644 ---- a/lib/util/regress/atofoo/atofoo_test.c -+++ b/lib/util/regress/atofoo/atofoo_test.c -@@ -26,6 +26,7 @@ - #else - # include "compat/stdbool.h" - #endif -+#include <errno.h> - - #include "sudo_compat.h" - #include "sudo_util.h" -@@ -80,15 +81,20 @@ static struct strtoid_data { - id_t id; - const char *sep; - const char *ep; -+ int errnum; - } strtoid_data[] = { -- { "0,1", 0, ",", "," }, -- { "10", 10, NULL, NULL }, -- { "-2", -2, NULL, NULL }, -+ { "0,1", 0, ",", ",", 0 }, -+ { "10", 10, NULL, NULL, 0 }, -+ { "-1", 0, NULL, NULL, EINVAL }, -+ { "4294967295", 0, NULL, NULL, EINVAL }, -+ { "4294967296", 0, NULL, NULL, ERANGE }, -+ { "-2147483649", 0, NULL, NULL, ERANGE }, -+ { "-2", -2, NULL, NULL, 0 }, - #if SIZEOF_ID_T != SIZEOF_LONG_LONG -- { "-2", (id_t)4294967294U, NULL, NULL }, -+ { "-2", (id_t)4294967294U, NULL, NULL, 0 }, - #endif -- { "4294967294", (id_t)4294967294U, NULL, NULL }, -- { NULL, 0, NULL, NULL } -+ { "4294967294", (id_t)4294967294U, NULL, NULL, 0 }, -+ { NULL, 0, NULL, NULL, 0 } - }; - - static int -@@ -104,11 +110,23 @@ test_strtoid(int *ntests) - (*ntests)++; - errstr = "some error"; - value = sudo_strtoid(d->idstr, d->sep, &ep, &errstr); -- if (errstr != NULL) { -- if (d->id != (id_t)-1) { -- sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr); -+ if (d->errnum != 0) { -+ if (errstr == NULL) { -+ sudo_warnx_nodebug("FAIL: %s: missing errstr for errno %d", -+ d->idstr, d->errnum); -+ errors++; -+ } else if (value != 0) { -+ sudo_warnx_nodebug("FAIL: %s should return 0 on error", -+ d->idstr); -+ errors++; -+ } else if (errno != d->errnum) { -+ sudo_warnx_nodebug("FAIL: %s: errno mismatch, %d != %d", -+ d->idstr, errno, d->errnum); - errors++; - } -+ } else if (errstr != NULL) { -+ sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr); -+ errors++; - } else if (value != d->id) { - sudo_warnx_nodebug("FAIL: %s != %u", d->idstr, (unsigned int)d->id); - errors++; -diff --git a/plugins/sudoers/regress/testsudoers/test5.out.ok b/plugins/sudoers/regress/testsudoers/test5.out.ok -index 5e319c9..cecf700 100644 ---- a/plugins/sudoers/regress/testsudoers/test5.out.ok -+++ b/plugins/sudoers/regress/testsudoers/test5.out.ok -@@ -4,7 +4,7 @@ Parse error in sudoers near line 1. - Entries for user root: - - Command unmatched --testsudoers: test5.inc should be owned by gid 4294967295 -+testsudoers: test5.inc should be owned by gid 4294967294 - Parse error in sudoers near line 1. - - Entries for user root: -diff --git a/plugins/sudoers/regress/testsudoers/test5.sh b/plugins/sudoers/regress/testsudoers/test5.sh -index 9e690a6..94d585c 100755 ---- a/plugins/sudoers/regress/testsudoers/test5.sh -+++ b/plugins/sudoers/regress/testsudoers/test5.sh -@@ -24,7 +24,7 @@ EOF - - # Test group writable - chmod 664 $TESTFILE --./testsudoers -U $MYUID -G -1 root id <<EOF -+./testsudoers -U $MYUID -G -2 root id <<EOF - #include $TESTFILE - EOF - --- -2.7.4 - |