poky/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch

From 396bc57feff3e360007634f62448b64e0626390c Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Thu, 10 Oct 2019 10:04:13 -0600
Subject: [PATCH] Add sudo_strtoid() tests for -1 and range errors. Also adjust
 testsudoers/test5 which relied upon gid -1 parsing.

Upstream-Status: Backport [https://github.com/sudo-project/sudo/commit/396bc57]
CVE: CVE-2019-14287

Signed-off-by: Changqing Li <changqing.li@windriver.com>

---
 lib/util/regress/atofoo/atofoo_test.c            | 36 ++++++++++++++++------
 plugins/sudoers/regress/testsudoers/test5.out.ok |  2 +-
 plugins/sudoers/regress/testsudoers/test5.sh     |  2 +-
 3 files changed, 29 insertions(+), 11 deletions(-)

diff --git a/lib/util/regress/atofoo/atofoo_test.c b/lib/util/regress/atofoo/atofoo_test.c
index 031a7ed..fb41c1a 100644
--- a/lib/util/regress/atofoo/atofoo_test.c
+++ b/lib/util/regress/atofoo/atofoo_test.c
@@ -26,6 +26,7 @@
 #else
 # include "compat/stdbool.h"
 #endif
+#include <errno.h>
 
 #include "sudo_compat.h"
 #include "sudo_util.h"
@@ -80,15 +81,20 @@ static struct strtoid_data {
     id_t id;
     const char *sep;
     const char *ep;
+    int errnum;
 } strtoid_data[] = {
-    { "0,1", 0, ",", "," },
-    { "10", 10, NULL, NULL },
-    { "-2", -2, NULL, NULL },
+    { "0,1", 0, ",", ",", 0 },
+    { "10", 10, NULL, NULL, 0 },
+    { "-1", 0, NULL, NULL, EINVAL },
+    { "4294967295", 0, NULL, NULL, EINVAL },
+    { "4294967296", 0, NULL, NULL, ERANGE },
+    { "-2147483649", 0, NULL, NULL, ERANGE },
+    { "-2", -2, NULL, NULL, 0 },
 #if SIZEOF_ID_T != SIZEOF_LONG_LONG
-    { "-2", (id_t)4294967294U, NULL, NULL },
+    { "-2", (id_t)4294967294U, NULL, NULL, 0 },
 #endif
-    { "4294967294", (id_t)4294967294U, NULL, NULL },
-    { NULL, 0, NULL, NULL }
+    { "4294967294", (id_t)4294967294U, NULL, NULL, 0 },
+    { NULL, 0, NULL, NULL, 0 }
 };
 
 static int
@@ -104,11 +110,23 @@ test_strtoid(int *ntests)
 	(*ntests)++;
 	errstr = "some error";
 	value = sudo_strtoid(d->idstr, d->sep, &ep, &errstr);
-	if (errstr != NULL) {
-	    if (d->id != (id_t)-1) {
-		sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr);
+	if (d->errnum != 0) {
+	    if (errstr == NULL) {
+		sudo_warnx_nodebug("FAIL: %s: missing errstr for errno %d",
+		    d->idstr, d->errnum);
+		errors++;
+	    } else if (value != 0) {
+		sudo_warnx_nodebug("FAIL: %s should return 0 on error",
+		    d->idstr);
+		errors++;
+	    } else if (errno != d->errnum) {
+		sudo_warnx_nodebug("FAIL: %s: errno mismatch, %d != %d",
+		    d->idstr, errno, d->errnum);
 		errors++;
 	    }
+	} else if (errstr != NULL) {
+	    sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr);
+	    errors++;
 	} else if (value != d->id) {
 	    sudo_warnx_nodebug("FAIL: %s != %u", d->idstr, (unsigned int)d->id);
 	    errors++;
diff --git a/plugins/sudoers/regress/testsudoers/test5.out.ok b/plugins/sudoers/regress/testsudoers/test5.out.ok
index 5e319c9..cecf700 100644
--- a/plugins/sudoers/regress/testsudoers/test5.out.ok
+++ b/plugins/sudoers/regress/testsudoers/test5.out.ok
@@ -4,7 +4,7 @@ Parse error in sudoers near line 1.
 Entries for user root:
 
 Command unmatched
-testsudoers: test5.inc should be owned by gid 4294967295
+testsudoers: test5.inc should be owned by gid 4294967294
 Parse error in sudoers near line 1.
 
 Entries for user root:
diff --git a/plugins/sudoers/regress/testsudoers/test5.sh b/plugins/sudoers/regress/testsudoers/test5.sh
index 9e690a6..94d585c 100755
--- a/plugins/sudoers/regress/testsudoers/test5.sh
+++ b/plugins/sudoers/regress/testsudoers/test5.sh
@@ -24,7 +24,7 @@ EOF
 
 # Test group writable
 chmod 664 $TESTFILE
-./testsudoers -U $MYUID -G -1 root id <<EOF
+./testsudoers -U $MYUID -G -2 root id <<EOF
 #include $TESTFILE
 EOF
 
-- 
2.7.4