commit 50a7926572a40172d5c2ffe870d41ca7dc9d7046
parent dd3f998b716d869d25af0df0d94685d56e882bd1
Author: Quentin Rameau <quinq@fifth.space>
Date: Wed, 27 Jun 2018 10:34:25 +0200
Pledge dns for the fork too in case of hostname lookup
Signed-off-by: Christoph Lohmann <20h@r-36.net>
Diffstat:
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/main.c b/main.c
@@ -539,8 +539,8 @@ main(int argc, char *argv[])
cltlen = sizeof(clt);
#ifdef __OpenBSD__
- char *promises = (char[30]){};
- snprintf(promises, 30, "rpath inet stdio proc exec %s",
+ char promises[31]; /* check the size needed in the fork too */
+ snprintf(promises, sizeof(promises), "rpath inet stdio proc exec %s",
revlookup ? "dns" : "");
if (pledge(promises, NULL) == -1) {
perror("pledge");
@@ -587,8 +587,10 @@ main(int argc, char *argv[])
signal(SIGALRM, SIG_DFL);
#ifdef __OpenBSD__
- promises = nocgi ? "rpath inet stdio" :
- "rpath inet stdio proc exec";
+ snprintf(promises, sizeof(promises),
+ "rpath inet stdio %s %s",
+ nocgi ? "" : "proc exec",
+ revlookup ? "dns" : "");
if (pledge(promises, NULL) == -1) {
perror("pledge");
exit(1);
