Package: sudo / 1.7.4p4-2.squeeze.6

cve-2013-1775.patch Patch series | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
 
# HG changeset patch
# User Todd C. Miller <Todd.Miller@courtesan.com>
# Date 1361459125 18000
# Node ID ddf399e3e306ca238f6f1cda8153889b15bba12e
# Parent  ac2bf49a24b8f8cec453f8d0623be17e954414c6
Completely ignore time stamp file if it is set to the epoch,
regardless of what gettimeofday() returns.

Index: sudo-1.7.4p6/check.c
===================================================================
--- sudo-1.7.4p6.orig/check.c	2013-02-27 13:36:12.373219996 -0500
+++ sudo-1.7.4p6/check.c	2013-02-27 13:37:49.305222478 -0500
@@ -591,31 +591,34 @@
      */
     if (status == TS_OLD && !ISSET(flags, TS_REMOVE)) {
 	mtim_get(&sb, &mtime);
-	/* Negative timeouts only expire manually (sudo -k). */
-	if (def_timestamp_timeout < 0 && mtime.tv_sec != 0)
-	    status = TS_CURRENT;
-	else {
-	    now = time(NULL);
-	    if (def_timestamp_timeout &&
-		now - mtime.tv_sec < 60 * def_timestamp_timeout) {
-		/*
-		 * Check for bogus time on the stampfile.  The clock may
-		 * have been set back or someone could be trying to spoof us.
-		 */
-		if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) {
-		    time_t tv_sec = (time_t)mtime.tv_sec;
-		    log_error(NO_EXIT,
-			"timestamp too far in the future: %20.20s",
-			4 + ctime(&tv_sec));
-		    if (timestampfile)
-			(void) unlink(timestampfile);
-		    else
-			(void) rmdir(timestampdir);
-		    status = TS_MISSING;
-		} else if (get_boottime(&boottime) && timevalcmp(&mtime, &boottime, <)) {
-		    status = TS_OLD;
-		} else {
-		    status = TS_CURRENT;
+	if (timevalisset(&mtime)) {
+	    /* Negative timeouts only expire manually (sudo -k). */
+	    if (def_timestamp_timeout < 0) {
+		status = TS_CURRENT;
+	    } else {
+		now = time(NULL);
+		if (def_timestamp_timeout &&
+		    now - mtime.tv_sec < 60 * def_timestamp_timeout) {
+		    /*
+		     * Check for bogus time on the stampfile.  The clock may
+		     * have been set back or user could be trying to spoof us.
+		     */
+		    if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) {
+			time_t tv_sec = (time_t)mtime.tv_sec;
+			log_error(NO_EXIT,
+			    "timestamp too far in the future: %20.20s",
+			    4 + ctime(&tv_sec));
+			if (timestampfile)
+			    (void) unlink(timestampfile);
+			else
+			    (void) rmdir(timestampdir);
+			status = TS_MISSING;
+		    } else if (get_boottime(&boottime) &&
+			timevalcmp(&mtime, &boottime, <)) {
+			status = TS_OLD;
+		    } else {
+			status = TS_CURRENT;
+		    }
 		}
 	    }
 	}