CVSROOT:        /cvs
Module name:    src
Changes by:     [email protected]       2026/06/27 23:33:20

Modified files:
        sbin/iked      : proc.c 
        usr.sbin/httpd : proc.c 
        usr.sbin/relayd: proc.c 
        usr.sbin/snmpd : proc.c 

Log message:
restrict IMSG_CTL_PROCFD to parent and check process id/instance

IMSG_CTL_PROCFD messages contain a destination process id and instance
number that were used to index internal arrays before being checked.
A child sending bad imsgs could cause out-of-bounds reads or
writes.

Check for a missing fd, a bad process id, or an out-of-range instance
before any array is indexed.  Also reject IMSG_CTL_PROCFD that does not
come from the parent.

from Andrew Griffiths, diff by martijn@ and myself, ok martijn@

Reply via email to