Apply by doing:
cd /usr/src
patch -p0 < 003_sudo.patch
The rebuild sudo:
cd usr.bin/sudo
make obj
make depend
make
make install
Index: usr.bin/sudo/parse.yacc
===================================================================
RCS file: /home/cvs/openbsd/src/usr.bin/sudo/parse.yacc,v
retrieving revision 1.10
diff -u -r1.10 parse.yacc
--- usr.bin/sudo/parse.yacc 28 Sep 2004 15:10:51 -0000 1.10
+++ usr.bin/sudo/parse.yacc 20 Jun 2005 14:17:26 -0000
@@ -676,10 +676,6 @@
}
$$ = TRUE;
-
- if (safe_cmnd)
- free(safe_cmnd);
- safe_cmnd = estrdup(user_cmnd);
}
| ALIAS {
aliasinfo *aip;
Index: usr.bin/sudo/sudo.c
===================================================================
RCS file: /home/cvs/openbsd/src/usr.bin/sudo/sudo.c,v
retrieving revision 1.24
diff -u -r1.24 sudo.c
--- usr.bin/sudo/sudo.c 31 Jan 2005 18:53:33 -0000 1.24
+++ usr.bin/sudo/sudo.c 20 Jun 2005 14:17:26 -0000
@@ -275,6 +275,8 @@
/* Validate the user but don't search for pseudo-commands. */
validated = sudoers_lookup(pwflag);
}
+ if (safe_cmnd == NULL)
+ safe_cmnd = user_cmnd;
/*
* If we are using set_perms_posix() and the stay_setuid flag was not set,
@@ -389,14 +391,6 @@
sudo_ldap_list_matches();
#endif
exit(0);
- }
-
- /* This *must* have been set if we got a match but... */
- if (safe_cmnd == NULL) {
- log_error(MSG_ONLY,
- "internal error, safe_cmnd never got set for %s; %s",
- user_cmnd,
- "please report this error at
http://courtesan.com/sudo/bugs/");
}
/* Override user's umask if configured to do so. */
Index: usr.bin/sudo/version.h
===================================================================
RCS file: /home/cvs/openbsd/src/usr.bin/sudo/version.h,v
retrieving revision 1.28
diff -u -r1.28 version.h
--- usr.bin/sudo/version.h 5 Feb 2005 23:31:53 -0000 1.28
+++ usr.bin/sudo/version.h 20 Jun 2005 14:17:34 -0000
@@ -23,6 +23,6 @@
#ifndef _SUDO_VERSION_H
#define _SUDO_VERSION_H
-static const char version[] = "1.6.8p6";
+static const char version[] = "1.6.8p6+race_fix";
#endif /* _SUDO_VERSION_H */
