summaryrefslogtreecommitdiff
path: root/usr.bin
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2014-04-24 16:29:49 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2014-04-24 16:29:49 +0000
commit79657697514bb6c99ca7d4c2c3ecb4f8f59b7545 (patch)
tree11551c038df2a1cae760d0e766ea21b73517aec7 /usr.bin
parent68f5d61e3a48539f8bb9a33ab8ecf305268e6f8f (diff)
Fix logic inversion when checking environment variables on the
command line against the blacklist. This is only a problem when env_reset is disabled. CVE 2014-0106
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/sudo/env.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/usr.bin/sudo/env.c b/usr.bin/sudo/env.c
index 3dc11836ecc..ef2785d95bf 100644
--- a/usr.bin/sudo/env.c
+++ b/usr.bin/sudo/env.c
@@ -832,7 +832,7 @@ validate_env_vars(env_vars)
okvar = matches_env_keep(var->value);
} else {
okvar = matches_env_delete(var->value) == FALSE;
- if (okvar == FALSE)
+ if (okvar == TRUE)
okvar = matches_env_check(var->value) != FALSE;
}
if (okvar == FALSE) {