From 2d5736f2971f712a30c320c8e5a170523fae2787 Mon Sep 17 00:00:00 2001 From: nicm Date: Thu, 2 Apr 2026 09:11:39 +0000 Subject: [PATCH] Limit argc to between 0 and 1000 to prevent fatal from MSG_COMMAND, from Michal Majchrowicz. --- cmd.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cmd.c b/cmd.c index e5ec9cc5..04a4caf0 100644 --- a/cmd.c +++ b/cmd.c @@ -304,6 +304,8 @@ cmd_unpack_argv(char *buf, size_t len, int argc, char ***argv) if (argc == 0) return (0); + if (argc < 0 || argc > 1000) + return (-1); *argv = xcalloc(argc, sizeof **argv); buf[len - 1] = '\0';