deraadt 443dd5519a During early stages of fork in process_new(), since the ps_pgrp field is ...

in the process copy region the child gets this pointer.  Before fork1()
completes the process creation, it is possible for other processes to change
the pgrp in an attacker controlled way, such that the pointer becomes stagnant.
A very complicated AI-generated attack chaining many methods (which a experienced
human could generate given sufficent time) suceeds at racing this stagnant pgrp
object in the pool cache and can do things it should not.
We need to start the children without a pgrp (ie. NULL), and update the
pgrp pointer late.
Found by Nicholas Carlini at Anthropic
this is security errata 7.7/037_pgrp.patch.sig and 7.8/031_pgrp.patch.sig

2026-04-15 18:55:54 +00:00

bin

ksh: yank on 'change' in vi-mode

2026-04-04 09:33:18 +00:00

distrib

sync

2026-04-13 19:13:59 +00:00

etc

…

games

…

gnu

Respect DEBUG so we can build perl with debug symbols

2026-04-07 16:41:33 +00:00

include

FNM_CASEFOLD (and its synonym FNM_IGNORECASE) are now part of POSIX.1-2024

2026-03-29 14:08:46 +00:00

lib

Provide an example how to disambiguate mktime() return values

2026-04-15 00:20:28 +00:00

libexec

If a fd satisfies both POLLIN and POLLOUT in the same cycle, but the

2026-04-02 17:23:04 +00:00

regress

Prior to this we substring matched and allowed a leading .

2026-04-13 17:04:23 +00:00

sbin

Do not pass pointers over privilege boundaries.

2026-04-15 16:50:32 +00:00

share

smte(4)

2026-04-13 12:20:13 +00:00

sys

During early stages of fork in process_new(), since the ps_pgrp field is

2026-04-15 18:55:54 +00:00

usr.bin

Do not leak old time format if it is replaced in same format.

2026-04-14 11:25:41 +00:00

usr.sbin

vmd(8): remove config parsing TOCTOU with disk parsing.

2026-04-14 21:41:19 +00:00

.gitignore

…

Makefile

…

Makefile.cross

…

S

Description

Unofficial mirror of the source tree

openbsd

1.6 GiB

Languages

C 55.5%

C++ 31%

Perl 3.8%

Roff 2.9%

Makefile 0.9%

Other 5.4%