CVSROOT: /cvs
Module name: src
Changes by: flor...@cvs.openbsd.org 2025/04/26 11:58:02
Modified files:
sbin/dhcpleased: dhcpleased.c engine.c
Log message:
Make sure the engine send us a proper strings inside the imsg.
Otherwise the engine is no longer trustworthy and we should stop
running.
These strings end up in the leasefile, they might leak information about
the running process to users in group wheel in case of a buffer overread.
While here, make sure the imsg buffer is initialized to 0 in the
deconfigure case as is done for the configure case.
Review prompted by recent work in bgpd(8) by claudio.
"fine by me" claudio
