From c0063cebde36c95e2d7b0aabb2ebc4f83475e789 Mon Sep 17 00:00:00 2001
From: Daniel Kopecek <dkopecek@redhat.com>
Date: May 12 2016 07:33:11 +0000
Subject: fixed invalid sesh argument array construction


---

diff --git a/sudo-1.8.16-seshargsfix.patch b/sudo-1.8.16-seshargsfix.patch
new file mode 100644
index 0000000..43418bc
--- /dev/null
+++ b/sudo-1.8.16-seshargsfix.patch
@@ -0,0 +1,41 @@
+diff -up sudo-1.8.16/src/selinux.c.seshargsfix sudo-1.8.16/src/selinux.c
+--- sudo-1.8.16/src/selinux.c.seshargsfix	2016-03-17 17:13:10.000000000 +0100
++++ sudo-1.8.16/src/selinux.c	2016-05-12 09:29:14.687014460 +0200
+@@ -378,7 +378,7 @@ selinux_execve(int fd, const char *path,
+ {
+     char **nargv;
+     const char *sesh;
+-    int argc, serrno;
++    int argc, nargc, serrno;
+     debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)
+ 
+     sesh = sudo_conf_sesh_path();
+@@ -409,9 +409,7 @@ selinux_execve(int fd, const char *path,
+      */
+     for (argc = 0; argv[argc] != NULL; argc++)
+ 	continue;
+-    if (fd != -1)
+-	argc++;
+-    nargv = reallocarray(NULL, argc + 2, sizeof(char *));
++    nargv = reallocarray(NULL, argc + 3, sizeof(char *));
+     if (nargv == NULL) {
+ 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+ 	debug_return;
+@@ -420,13 +418,13 @@ selinux_execve(int fd, const char *path,
+ 	nargv[0] = *argv[0] == '-' ? "-sesh-noexec" : "sesh-noexec";
+     else
+ 	nargv[0] = *argv[0] == '-' ? "-sesh" : "sesh";
+-    argc = 1;
+-    if (fd != -1 && asprintf(&nargv[argc++], "--execfd=%d", fd) == -1) {
++    nargc = 1;
++    if (fd != -1 && asprintf(&nargv[nargc++], "--execfd=%d", fd) == -1) {
+ 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+ 	debug_return;
+     }
+-    nargv[argc] = (char *)path;
+-    memcpy(&nargv[argc + 1], &argv[argc], argc * sizeof(char *)); /* copies NULL */
++    nargv[nargc++] = (char *)path;
++    memcpy(&nargv[nargc], &argv[argc], argc * sizeof(char *)); /* copies NULL */
+ 
+     /* sesh will handle noexec for us. */
+     sudo_execve(-1, sesh, nargv, envp, false);
diff --git a/sudo.spec b/sudo.spec
index 7f54c1f..3b7ffdb 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
 Version: 1.8.16
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: ISC
 Group: Applications/System
 URL: http://www.courtesan.com/sudo/
@@ -32,6 +32,8 @@ Patch2: sudo-1.8.14p1-ldapconfpatch.patch
 Patch3: sudo-1.8.14p1-docpassexpire.patch
 # Patch initialize variable before executing sudo_strsplit
 Patch4: sudo-1.8.14p3-initialization.patch
+# 1328735 - Weird sudo issue that seems to be selinux related
+Patch5: sudo-1.8.16-seshargsfix.patch
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -60,6 +62,7 @@ plugins that use %{name}.
 %patch2 -p1 -b .ldapconfpatch
 %patch3 -p1 -b .docpassexpire
 %patch4 -p1 -b .initialization
+%patch5 -p1 -b .seshargsfix
 
 %build
 # Remove bundled copy of zlib
@@ -198,6 +201,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libexecdir}/sudo/libsudo_util.so
 
 %changelog
+* Thu May 12 2016 Daniel Kopecek <dkopecek@redhat.com> 1.8.16-2
+- fixed invalid sesh argument array construction
+
 * Mon Apr 04 2016 Daniel Kopecek <dkopecek@redhat.com> 1.8.16-1
 - update to 1.8.16