From a3e37b3468d9b32b893c6c038270f7c67233fc48 Mon Sep 17 00:00:00 2001 From: Sam Bingner Date: Sun, 17 Mar 2019 21:30:36 -1000 Subject: Update sudo to 1.8.27 and make it handle shebangs --- data/sudo/_metadata/version | 2 +- data/sudo/shebang.diff | 27 +++++++++++++++++++++++++++ data/sudo/sudo-1.8.23.tar.gz | Bin 3150674 -> 0 bytes data/sudo/sudo-1.8.27.tar.gz | Bin 0 -> 3293178 bytes 4 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 data/sudo/shebang.diff delete mode 100644 data/sudo/sudo-1.8.23.tar.gz create mode 100644 data/sudo/sudo-1.8.27.tar.gz (limited to 'data') diff --git a/data/sudo/_metadata/version b/data/sudo/_metadata/version index 02408ef69..3741959db 100644 --- a/data/sudo/_metadata/version +++ b/data/sudo/_metadata/version @@ -1 +1 @@ -1.8.23 +1.8.27 diff --git a/data/sudo/shebang.diff b/data/sudo/shebang.diff new file mode 100644 index 000000000..c57c84ba1 --- /dev/null +++ b/data/sudo/shebang.diff @@ -0,0 +1,27 @@ +diff -ur sudo-1.8.27/src/exec_common.c sudo-1.8.27+enoexec/src/exec_common.c +--- sudo-1.8.27/src/exec_common.c 2019-01-02 04:37:41.000000000 -1000 ++++ sudo-1.8.27+enoexec/src/exec_common.c 2019-03-17 23:40:50.000000000 -1000 +@@ -200,17 +200,19 @@ + else + #endif + execve(path, argv, envp); +- if (fd == -1 && errno == ENOEXEC) { ++ if (fd == -1 && (errno == ENOEXEC || errno == EPERM)) { + int argc; + char **nargv; + + for (argc = 0; argv[argc] != NULL; argc++) + continue; +- nargv = reallocarray(NULL, argc + 2, sizeof(char *)); ++ nargv = reallocarray(NULL, argc + 4, sizeof(char *)); + if (nargv != NULL) { + nargv[0] = "sh"; +- nargv[1] = (char *)path; +- memcpy(nargv + 2, argv + 1, argc * sizeof(char *)); ++ nargv[1] = "-c"; ++ nargv[2] = "exec \"$0\" \"$@\""; ++ nargv[3] = (char *)path; ++ memcpy(nargv + 4, argv + 1, argc * sizeof(char *)); + execve(_PATH_SUDO_BSHELL, nargv, envp); + free(nargv); + } diff --git a/data/sudo/sudo-1.8.23.tar.gz b/data/sudo/sudo-1.8.23.tar.gz deleted file mode 100644 index 09f772023..000000000 Binary files a/data/sudo/sudo-1.8.23.tar.gz and /dev/null differ diff --git a/data/sudo/sudo-1.8.27.tar.gz b/data/sudo/sudo-1.8.27.tar.gz new file mode 100644 index 000000000..4f95fcb77 Binary files /dev/null and b/data/sudo/sudo-1.8.27.tar.gz differ -- cgit v1.2.3