Bdale, what's your stance on this?
Regards, Joey Alexandra N. Kossovsky wrote: > Package: sudo-ldap > Version: 1.6.9p17-2+lenny1 > Severity: grave > Tags: security patch > Justification: user security hole > > Hello. > > Following patch fixes memory access after free(): > > --- parse.c 2010-05-05 13:43:20.000000000 +0400 > +++ parse.c.fixed 2010-05-05 13:42:45.000000000 +0400 > @@ -316,9 +316,11 @@ > break; > } > } > - globfree(&gl); > - if (*ap == NULL) > + if (*ap == NULL) { > + globfree(&gl); > return(FALSE); > + } > + globfree(&gl); > > if (!sudoers_args || > (!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)) || > > > Since ap points to the memory inside gl_pathv, it is not correct to > check ap value when gl is freed. sudo is a security sensitive > application, and there may be various effects of such access. > > I've created this patch after exploring the problem similar to Debian > bugs 556562 578601. The patch fixes my problem. -- It's time to close the windows. Please always Cc to me when replying to me on the lists. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org