diff -up sudo-1.8.8/plugins/sudoers/auth/pam.c.clangbugs sudo-1.8.8/plugins/sudoers/auth/pam.c
--- sudo-1.8.8/plugins/sudoers/auth/pam.c.clangbugs 2013-09-30 23:41:07.899529555 +0200
+++ sudo-1.8.8/plugins/sudoers/auth/pam.c 2013-09-30 23:41:58.988707761 +0200
@@ -246,6 +246,7 @@ sudo_pam_begin_session(struct passwd *pw
(void) pam_end(pamh, *pam_status | PAM_DATA_SILENT);
pamh = NULL;
status = AUTH_FAILURE;
+ goto done;
}
}
diff -up sudo-1.8.8/plugins/sudoers/sssd.c.clangbugs sudo-1.8.8/plugins/sudoers/sssd.c
--- sudo-1.8.8/plugins/sudoers/sssd.c.clangbugs 2013-09-30 23:44:20.404200629 +0200
+++ sudo-1.8.8/plugins/sudoers/sssd.c 2013-09-30 23:49:05.998194738 +0200
@@ -310,11 +310,10 @@ static int sudo_sss_close(struct sudo_ns
debug_decl(sudo_sss_close, SUDO_DEBUG_SSSD);
if (nss && nss->handle) {
- handle = nss->handle;
- dlclose(handle->ssslib);
+ handle = nss->handle;
+ dlclose(handle->ssslib);
+ efree(nss->handle);
}
-
- efree(nss->handle);
debug_return_int(0);
}
@@ -705,17 +704,21 @@ sudo_sss_result_get(struct sudo_nss *nss
sudo_sss_result_filterp, _SUDO_SSS_FILTER_INCLUDE, NULL);
if (f_sss_result != NULL) {
- if (f_sss_result->num_rules > 0) {
- if (state != NULL) {
- sudo_debug_printf(SUDO_DEBUG_DEBUG, "state |= HOSTMATCH");
- *state |= _SUDO_SSS_STATE_HOSTMATCH;
+ if (f_sss_result->num_rules > 0) {
+ if (state != NULL) {
+ sudo_debug_printf(SUDO_DEBUG_DEBUG, "state |= HOSTMATCH");
+ *state |= _SUDO_SSS_STATE_HOSTMATCH;
+ }
}
- }
- }
- sudo_debug_printf(SUDO_DEBUG_DEBUG,
- "u_sss_result=(%p, %u) => f_sss_result=(%p, %u)", u_sss_result,
- u_sss_result->num_rules, f_sss_result, f_sss_result->num_rules);
+ sudo_debug_printf(SUDO_DEBUG_DEBUG,
+ "u_sss_result=(%p, %u) => f_sss_result=(%p, %u)", u_sss_result,
+ u_sss_result->num_rules, f_sss_result, f_sss_result->num_rules);
+ } else {
+ sudo_debug_printf(SUDO_DEBUG_DEBUG,
+ "u_sss_result=(%p, %u) => f_sss_result=NULL",
+ u_sss_result, u_sss_result->num_rules);
+ }
handle->fn_free_result(u_sss_result);