saidelike/sudo-baron-samedit-10.cpp

## sudo-baron-samedit-10.cpp
//sudo_1.8.23-9.el7/plugins/sudoers/sudoers.c
int
sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
    void *closure)
{
    ...

    /* Find command in path and apply per-command Defaults. */
[a] cmnd_status = set_cmnd();
    if (cmnd_status == NOT_FOUND_ERROR)
        goto done;

    /* Check for -C overriding def_closefrom. */
    if (user_closefrom >= 0 && user_closefrom != def_closefrom) {
        if (!def_closefrom_override) {
            /* XXX - audit? */
            sudo_warnx(U_("you are not permitted to use the -C option"));
            goto bad;
        }
        def_closefrom = user_closefrom;
    }

[b] [... lots of code here ...]

    /* Require a password if sudoers says so.  */
[c] switch (check_user(validated, sudo_mode)) {
    case true:
        /* user authenticated successfully. */
        break;
	//sudo_1.8.23-9.el7/plugins/sudoers/sudoers.c
	int
	sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
	void *closure)
	{
	...

	/* Find command in path and apply per-command Defaults. */
	[a] cmnd_status = set_cmnd();
	if (cmnd_status == NOT_FOUND_ERROR)
	goto done;

	/* Check for -C overriding def_closefrom. */
	if (user_closefrom >= 0 && user_closefrom != def_closefrom) {
	if (!def_closefrom_override) {
	/* XXX - audit? */
	sudo_warnx(U_("you are not permitted to use the -C option"));
	goto bad;
	}
	def_closefrom = user_closefrom;
	}

	[b] [... lots of code here ...]

	/* Require a password if sudoers says so. */
	[c] switch (check_user(validated, sudo_mode)) {
	case true:
	/* user authenticated successfully. */
	break;