1
Description: Prevent IPv6 netmask-based address matching logic from incorrectly
2
being applied to IPv4 addresses.
3
Author: Todd C. Miller <Todd.Miller@courtesan.com>
5
Index: sudo-1.7.4p6/match.c
6
===================================================================
7
--- sudo-1.7.4p6.orig/match.c 2011-01-12 08:46:58.000000000 -0600
8
+++ sudo-1.7.4p6/match.c 2012-05-14 17:45:16.258916540 -0500
11
if (ifp->family != family)
16
if (ifp->addr.ip4.s_addr == addr.ip4.s_addr ||
17
(ifp->addr.ip4.s_addr & ifp->netmask.ip4.s_addr)
20
if (j == sizeof(addr.ip6.s6_addr))
28
if (ifp->family != family)
33
if ((ifp->addr.ip4.s_addr & mask.ip4.s_addr) == addr.ip4.s_addr)
38
for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
41
if (j == sizeof(addr.ip6.s6_addr))
44
#endif /* HAVE_IN6_ADDR */