diff -up ./lib/util/regress/atofoo/atofoo_test.c.CVE-strtouid-test ./lib/util/regress/atofoo/atofoo_test.c
--- ./lib/util/regress/atofoo/atofoo_test.c.CVE-strtouid-test	2018-04-29 21:59:23.000000000 +0200
+++ ./lib/util/regress/atofoo/atofoo_test.c	2019-10-16 09:38:31.851404545 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014 Todd C. Miller <Todd.Miller@sudo.ws>
+ * Copyright (c) 2014-2019 Todd C. Miller <Todd.Miller@sudo.ws>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -24,6 +24,7 @@
 #else
 # include "compat/stdbool.h"
 #endif
+#include <errno.h>
 
 #include "sudo_compat.h"
 #include "sudo_util.h"
@@ -78,15 +79,20 @@ static struct strtoid_data {
     id_t id;
     const char *sep;
     const char *ep;
+    int errnum;
 } strtoid_data[] = {
-    { "0,1", 0, ",", "," },
-    { "10", 10, NULL, NULL },
-    { "-2", -2, NULL, NULL },
+    { "0,1", 0, ",", ",", 0 },
+    { "10", 10, NULL, NULL, 0 },
+    { "-1", 0, NULL, NULL, EINVAL },
+    { "4294967295", 0, NULL, NULL, EINVAL },
+    { "4294967296", 0, NULL, NULL, ERANGE },
+    { "-2147483649", 0, NULL, NULL, ERANGE },
+    { "-2", -2, NULL, NULL, 0 },
 #if SIZEOF_ID_T != SIZEOF_LONG_LONG
-    { "-2", 4294967294U, NULL, NULL },
+    { "-2", 4294967294U, NULL, NULL, 0 },
 #endif
-    { "4294967294", 4294967294U, NULL, NULL },
-    { NULL, 0, NULL, NULL }
+    { "4294967294", 4294967294U, NULL, NULL, 0 },
+    { NULL, 0, NULL, NULL, 0 }
 };
 
 static int
@@ -102,11 +108,23 @@ test_strtoid(int *ntests)
 	(*ntests)++;
 	errstr = "some error";
 	value = sudo_strtoid(d->idstr, d->sep, &ep, &errstr);
-	if (errstr != NULL) {
-	    if (d->id != (id_t)-1) {
-		sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr);
+	if (d->errnum != 0) {
+	    if (errstr == NULL) {
+		sudo_warnx_nodebug("FAIL: %s: missing errstr for errno %d",
+		    d->idstr, d->errnum);
+		errors++;
+	    } else if (value != 0) {
+		sudo_warnx_nodebug("FAIL: %s should return 0 on error",
+		    d->idstr);
+		errors++;
+	    } else if (errno != d->errnum) {
+		sudo_warnx_nodebug("FAIL: %s: errno mismatch, %d != %d",
+		    d->idstr, errno, d->errnum);
 		errors++;
 	    }
+	} else if (errstr != NULL) {
+	    sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr);
+	    errors++;
 	} else if (value != d->id) {
 	    sudo_warnx_nodebug("FAIL: %s != %u", d->idstr, (unsigned int)d->id);
 	    errors++;
diff -up ./plugins/sudoers/regress/testsudoers/test5.out.ok.CVE-strtouid-test ./plugins/sudoers/regress/testsudoers/test5.out.ok
--- ./plugins/sudoers/regress/testsudoers/test5.out.ok.CVE-strtouid-test	2018-04-29 21:59:23.000000000 +0200
+++ ./plugins/sudoers/regress/testsudoers/test5.out.ok	2019-10-16 09:29:50.246761680 +0200
@@ -4,7 +4,7 @@ Parse error in sudoers near line 1.
 Entries for user root:
 
 Command unmatched
-testsudoers: test5.inc should be owned by gid 4294967295
+testsudoers: test5.inc should be owned by gid 4294967294
 Parse error in sudoers near line 1.
 
 Entries for user root:
diff -up ./plugins/sudoers/regress/testsudoers/test5.sh.CVE-strtouid-test ./plugins/sudoers/regress/testsudoers/test5.sh
--- ./plugins/sudoers/regress/testsudoers/test5.sh.CVE-strtouid-test	2018-04-29 21:59:23.000000000 +0200
+++ ./plugins/sudoers/regress/testsudoers/test5.sh	2019-10-16 09:29:50.246761680 +0200
@@ -24,7 +24,7 @@ EOF
 
 # Test group writable
 chmod 664 $TESTFILE
-./testsudoers -U $MYUID -G -1 root id <<EOF
+./testsudoers -U $MYUID -G -2 root id <<EOF
 #include $TESTFILE
 EOF