fix from Peter Samuelson for use-after-free bug parsing wildcards in sudoers

[debian/sudo] / sudo.c

diff --git a/sudo.c b/sudo.c
index e630059d269414ef6536e3408c277c910129918b..6eb5930b165cd1c03c6ced4d304ba724fdb2917d 100644 (file)
--- a/sudo.c
+++ b/sudo.c
@@ -131,6 +131,7 @@ extern char **insert_env_vars               __P((char **, struct list_member *));
 extern struct passwd *sudo_getpwnam    __P((const char *));
 extern struct passwd *sudo_getpwuid    __P((uid_t));
 extern struct passwd *sudo_pwdup       __P((const struct passwd *));
+extern void runas_resetgroups          __P((void));
 
 /*
  * Globals
@@ -1240,6 +1241,7 @@ set_runaspw(user)
        if (runas_pw == NULL)
            log_error(NO_MAIL|MSG_ONLY, "no passwd entry for %s!", user);
     }
+    runas_resetgroups();
     return(TRUE);
 }