Package: sudo
Version: 1.8.2-1
Severity: important
Tags: upstream patch

Hello!

After upgrading sudo to 1.8.2-1 today, I received a segfault immediately
after startup, no matter what command I tried to run. The only exception
to this was if the command didn't exist, in which case sudo would print
the normal message to stderr saying 'command not found'.

gdb backtrace after the segfault:

#0  utmp_setid (new=0x7fffffffdce0, old=0x0)
    at /root/sudo-build/sudo-1.8.2/src/utmp.c:101
#1  utmp_fill (ut_new=<optimized out>, ut_old=<optimized out>, 
    user=<optimized out>, line=<optimized out>)
    at /root/sudo-build/sudo-1.8.2/src/utmp.c:153
#2  utmp_login (from_line=<optimized out>, to_line=0x60fbe5 "ttyp1", 
    ttyfd=<optimized out>, user=0x6139a5 "root")
    at /root/sudo-build/sudo-1.8.2/src/utmp.c:193
#3  0x0000000000404ce5 in sudo_execve (details=0x7fffffffe4c0, 
    cstat=0x7fffffffdf70) at /root/sudo-build/sudo-1.8.2/src/exec.c:238
#4  0x00000000004091fc in run_command (details=<optimized out>)
    at /root/sudo-build/sudo-1.8.2/src/sudo.c:1063
#5  0x0000000000403e25 in main (argc=2, argv=0x7fffffffe4c0, 
    envp=0x7fffffffe670) at /root/sudo-build/sudo-1.8.2/src/sudo.c:295

The problem is that it is trying to use the pointer old, which has a
value of 0x0, without first testing if it is null. The logic preceding
this event only assigns a value to this pointer inside a conditional, so
it is quite conceivable (and happened to me!) that it has not been
initialised.

The attached (trivial) quilt patch fixes the problem, although as I don't
really understand what the logic in this part of the code is trying to do
there may well be a better way of fixing it.

Please let me know if you need any further information!

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (800, 'unstable'), (700, 'experimental')
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 8.2-1-amd64
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages sudo depends on:
ii  libc0.1                       2.13-18    Embedded GNU C Library: Shared lib
ii  libpam-modules                1.1.3-2    Pluggable Authentication Modules f
ii  libpam0g                      1.1.3-2    Pluggable Authentication Modules l

sudo recommends no packages.

sudo suggests no packages.

-- Configuration Files:
/etc/sudoers [Errno 13] Permission denied: u'/etc/sudoers'
/etc/sudoers.d/README [Errno 13] Permission denied: u'/etc/sudoers.d/README'

-- debconf-show failed
Fixes segfault on startup under certain conditions
--- a/src/utmp.c
+++ b/src/utmp.c
@@ -96,7 +96,7 @@
     size_t idlen;
 
     /* Skip over "tty" in the id if old entry did too. */
-    if (strncmp(line, "tty", 3) == 0) {
+    if (old != NULL && strncmp(line, "tty", 3) == 0) {
 	idlen = MIN(sizeof(old->ut_id), 3);
 	if (strncmp(old->ut_id, "tty", idlen) != 0)
 	    line += 3;
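Review bot: the comment above the changed `if` ("Skip over "tty" in the id if old entry did too") does not cover the case this patch introduces, where `old` is NULL and the "tty" prefix is therefore always kept in the id. Please extend the comment to say this is the intended behaviour when there is no old entry, or confirm with upstream which id is expected then. Among the lines shown, only `strncmp(old->ut_id, "tty", idlen)` dereferences `old` (the `sizeof(old->ut_id)` operand is not evaluated), so guarding the outer condition is sufficient for this block. Any use of `old` later in the function, outside the visible context, needs the same NULL check.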
