sudo/sudo-1.8.16-seshargsfix.patch

diff -up sudo-1.8.16/src/selinux.c.seshargsfix sudo-1.8.16/src/selinux.c
--- sudo-1.8.16/src/selinux.c.seshargsfix	2016-03-17 17:13:10.000000000 +0100
+++ sudo-1.8.16/src/selinux.c	2016-05-13 11:14:04.628296996 +0200
@@ -378,7 +378,7 @@ selinux_execve(int fd, const char *path,
 {
     char **nargv;
     const char *sesh;
-    int argc, serrno;
+    int argc, nargc, serrno;
     debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)
 
     sesh = sudo_conf_sesh_path();
@@ -409,9 +409,7 @@ selinux_execve(int fd, const char *path,
      */
     for (argc = 0; argv[argc] != NULL; argc++)
 	continue;
-    if (fd != -1)
-	argc++;
-    nargv = reallocarray(NULL, argc + 2, sizeof(char *));
+    nargv = reallocarray(NULL, argc + 3, sizeof(char *));
     if (nargv == NULL) {
 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
 	debug_return;
@@ -420,13 +418,13 @@ selinux_execve(int fd, const char *path,
 	nargv[0] = *argv[0] == '-' ? "-sesh-noexec" : "sesh-noexec";
     else
 	nargv[0] = *argv[0] == '-' ? "-sesh" : "sesh";
-    argc = 1;
-    if (fd != -1 && asprintf(&nargv[argc++], "--execfd=%d", fd) == -1) {
+    nargc = 1;
+    if (fd != -1 && asprintf(&nargv[nargc++], "--execfd=%d", fd) == -1) {
 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
 	debug_return;
     }
-    nargv[argc] = (char *)path;
-    memcpy(&nargv[argc + 1], &argv[argc], argc * sizeof(char *)); /* copies NULL */
+    nargv[nargc++] = (char *)path;
+    memcpy(&nargv[nargc], &argv[1], argc * sizeof(char *)); /* copies NULL */
 
     /* sesh will handle noexec for us. */
     sudo_execve(-1, sesh, nargv, envp, false);
fixed invalid sesh argument array construction 2016-05-12 07:33:11 +00:00			`diff -up sudo-1.8.16/src/selinux.c.seshargsfix sudo-1.8.16/src/selinux.c`
			`--- sudo-1.8.16/src/selinux.c.seshargsfix 2016-03-17 17:13:10.000000000 +0100`
fixed upstream patch for rhbz#1328735 2016-05-13 09:28:06 +00:00			`+++ sudo-1.8.16/src/selinux.c 2016-05-13 11:14:04.628296996 +0200`
fixed invalid sesh argument array construction 2016-05-12 07:33:11 +00:00			`@@ -378,7 +378,7 @@ selinux_execve(int fd, const char *path,`
			`{`
			`char **nargv;`
			`const char *sesh;`
			`- int argc, serrno;`
			`+ int argc, nargc, serrno;`
			`debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)`

			`sesh = sudo_conf_sesh_path();`
			`@@ -409,9 +409,7 @@ selinux_execve(int fd, const char *path,`
			`*/`
			`for (argc = 0; argv[argc] != NULL; argc++)`
			`continue;`
			`- if (fd != -1)`
			`- argc++;`
			`- nargv = reallocarray(NULL, argc + 2, sizeof(char *));`
			`+ nargv = reallocarray(NULL, argc + 3, sizeof(char *));`
			`if (nargv == NULL) {`
			`sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));`
			`debug_return;`
			`@@ -420,13 +418,13 @@ selinux_execve(int fd, const char *path,`
			`nargv[0] = *argv[0] == '-' ? "-sesh-noexec" : "sesh-noexec";`
			`else`
			`nargv[0] = *argv[0] == '-' ? "-sesh" : "sesh";`
			`- argc = 1;`
			`- if (fd != -1 && asprintf(&nargv[argc++], "--execfd=%d", fd) == -1) {`
			`+ nargc = 1;`
			`+ if (fd != -1 && asprintf(&nargv[nargc++], "--execfd=%d", fd) == -1) {`
			`sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));`
			`debug_return;`
			`}`
			`- nargv[argc] = (char *)path;`
			`- memcpy(&nargv[argc + 1], &argv[argc], argc * sizeof(char )); / copies NULL */`
			`+ nargv[nargc++] = (char *)path;`
fixed upstream patch for rhbz#1328735 2016-05-13 09:28:06 +00:00			`+ memcpy(&nargv[nargc], &argv[1], argc * sizeof(char )); / copies NULL */`
fixed invalid sesh argument array construction 2016-05-12 07:33:11 +00:00
			`/* sesh will handle noexec for us. */`
			`sudo_execve(-1, sesh, nargv, envp, false);`