CVSROOT: /cvs Module name: src Changes by: gil...@cvs.openbsd.org 2015/10/01 18:32:05
Modified files:
usr.sbin/smtpd : mproc.c
Log message:
introduce imsg_read_nofd() to allow reading imsg while discarding fd's when
reading from a context where we don't expect/want to receive one.
this prevents a local user from exhausting resources and causing smtpd to
hang by crafting valid imsg that don't expect a descriptor but passing one
anyways.
reported by Qualys Security
