sudo/sme9/sudo-1.8.6p3-strictuidgid.patch

diff -up sudo-1.8.6p3/plugins/sudoers/match.c.strictuidgid sudo-1.8.6p3/plugins/sudoers/match.c
--- sudo-1.8.6p3/plugins/sudoers/match.c.strictuidgid   2012-09-18 15:56:29.000000000 +0200
+++ sudo-1.8.6p3/plugins/sudoers/match.c        2013-08-08 16:22:00.413281960 +0200
@@ -650,14 +650,16 @@ hostname_matches(char *shost, char *lhos
 bool
 userpw_matches(char *sudoers_user, char *user, struct passwd *pw)
 {
-    debug_decl(userpw_matches, SUDO_DEBUG_MATCH)
-
-    if (pw != NULL && *sudoers_user == '#') {
-       uid_t uid = (uid_t) atoi(sudoers_user + 1);
-       if (uid == pw->pw_uid)
-           debug_return_bool(true);
-    }
-    debug_return_bool(strcmp(sudoers_user, user) == 0);
+       debug_decl(userpw_matches, SUDO_DEBUG_MATCH)
+       if (pw != NULL && *sudoers_user == '#') {
+               char *end = NULL;
+               uid_t uid = (uid_t) strtol(sudoers_user + 1, &end, 10);
+               if (end != NULL && (sudoers_user[1] != '\0' && *end == '\0')) {
+                       if (uid == pw->pw_uid)
+                               debug_return_bool(true);
+               }
+       }
+       debug_return_bool(strcmp(sudoers_user, user) == 0);
 }
 
 /*
@@ -667,14 +669,16 @@ userpw_matches(char *sudoers_user, char
 bool
 group_matches(char *sudoers_group, struct group *gr)
 {
-    debug_decl(group_matches, SUDO_DEBUG_MATCH)
-
-    if (*sudoers_group == '#') {
-       gid_t gid = (gid_t) atoi(sudoers_group + 1);
-       if (gid == gr->gr_gid)
-           debug_return_bool(true);
-    }
-    debug_return_bool(strcmp(gr->gr_name, sudoers_group) == 0);
+       debug_decl(group_matches, SUDO_DEBUG_MATCH)
+       if (*sudoers_group == '#') {
+               char *end = NULL;
+               gid_t gid = (gid_t) strtol(sudoers_group + 1, &end, 10);
+               if (end != NULL && (sudoers_group[1] != '\0' && *end == '\0')) {
+                       if (gid == gr->gr_gid)
+                               debug_return_bool(true);
+               }
+       }
+       debug_return_bool(strcmp(gr->gr_name, sudoers_group) == 0);
 }
 
 /*
1	jpp	1.1	diff -up sudo-1.8.6p3/plugins/sudoers/match.c.strictuidgid sudo-1.8.6p3/plugins/sudoers/match.c
2			--- sudo-1.8.6p3/plugins/sudoers/match.c.strictuidgid 2012-09-18 15:56:29.000000000 +0200
3			+++ sudo-1.8.6p3/plugins/sudoers/match.c 2013-08-08 16:22:00.413281960 +0200
4			@@ -650,14 +650,16 @@ hostname_matches(char shost, char lhos
5			bool
6			userpw_matches(char sudoers_user, char user, struct passwd *pw)
7			{
8			- debug_decl(userpw_matches, SUDO_DEBUG_MATCH)
9			-
10			- if (pw != NULL && *sudoers_user == '#') {
11			- uid_t uid = (uid_t) atoi(sudoers_user + 1);
12			- if (uid == pw->pw_uid)
13			- debug_return_bool(true);
14			- }
15			- debug_return_bool(strcmp(sudoers_user, user) == 0);
16			+ debug_decl(userpw_matches, SUDO_DEBUG_MATCH)
17			+ if (pw != NULL && *sudoers_user == '#') {
18			+ char *end = NULL;
19			+ uid_t uid = (uid_t) strtol(sudoers_user + 1, &end, 10);
20			+ if (end != NULL && (sudoers_user[1] != '\0' && *end == '\0')) {
21			+ if (uid == pw->pw_uid)
22			+ debug_return_bool(true);
23			+ }
24			+ }
25			+ debug_return_bool(strcmp(sudoers_user, user) == 0);
26			}
27
28			/*
29			@@ -667,14 +669,16 @@ userpw_matches(char *sudoers_user, char
30			bool
31			group_matches(char sudoers_group, struct group gr)
32			{
33			- debug_decl(group_matches, SUDO_DEBUG_MATCH)
34			-
35			- if (*sudoers_group == '#') {
36			- gid_t gid = (gid_t) atoi(sudoers_group + 1);
37			- if (gid == gr->gr_gid)
38			- debug_return_bool(true);
39			- }
40			- debug_return_bool(strcmp(gr->gr_name, sudoers_group) == 0);
41			+ debug_decl(group_matches, SUDO_DEBUG_MATCH)
42			+ if (*sudoers_group == '#') {
43			+ char *end = NULL;
44			+ gid_t gid = (gid_t) strtol(sudoers_group + 1, &end, 10);
45			+ if (end != NULL && (sudoers_group[1] != '\0' && *end == '\0')) {
46			+ if (gid == gr->gr_gid)
47			+ debug_return_bool(true);
48			+ }
49			+ }
50			+ debug_return_bool(strcmp(gr->gr_name, sudoers_group) == 0);
51			}
52
53			/*