diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-14 03:27:03 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-14 03:27:03 +0000 |
| commit | fe522f952060db79bb78a45688cc3662fb6285ee (patch) | |
| tree | 63c7d5bda6da60d75d2d19da85f7bec9e4427c05 /sys/kern | |
| parent | 83704025f8f4a2a8362fb2a9d1c1c9de9a045259 (diff) | |
sendmsg() is allowed to pass cmsg's which are not CMSG_RIGHTS - last
refactoring inverted the checks; spotted by sthen in ping6.
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_pledge.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index a65899277b5..8da95a63f25 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.22 2015/10/13 20:00:49 deraadt Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.23 2015/10/14 03:27:02 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -786,9 +786,6 @@ pledge_cmsg_send(struct proc *p, struct mbuf *control) if ((p->p_p->ps_flags & PS_PLEDGE) == 0) return (0); - if ((p->p_p->ps_pledge & PLEDGE_SENDFD) == 0) - return pledge_fail(p, EPERM, PLEDGE_SENDFD); - /* Scan the cmsg */ cmsg = mtod(control, struct cmsghdr *); @@ -797,6 +794,9 @@ pledge_cmsg_send(struct proc *p, struct mbuf *control) cmsg->cmsg_type == SCM_RIGHTS)) return (0); + if ((p->p_p->ps_pledge & PLEDGE_SENDFD) == 0) + return pledge_fail(p, EPERM, PLEDGE_SENDFD); + /* In OpenBSD, a CMSG only contains one SCM_RIGHTS. Check it. */ fdp = (int *)CMSG_DATA(cmsg); nfds = (cmsg->cmsg_len - CMSG_ALIGN(sizeof(*cmsg))) / |