commit 8c580685acce28b315d626e327e68287473b27b0
from: Stefan Sperling <stsp@stsp.name>
date: Sun Apr 22 13:42:17 2018 UTC

treat unexpected message from unpriv processes as error

commit - 8aac89a7e03403f2e1455eceadf817cded96c9e7
commit + 8c580685acce28b315d626e327e68287473b27b0
blob - 92dd8ec2b275504c93573219db0f65d317daf3f7
blob + 8c6c1506e6a1ce41d6b432ec25ddd744d509e7a9
--- include/got_error.h
+++ include/got_error.h
@@ -52,6 +52,7 @@
 #define GOT_ERR_PRIVSEP_LEN	36
 #define GOT_ERR_PRIVSEP_PIPE	37
 #define GOT_ERR_PRIVSEP_NO_FD	38
+#define GOT_ERR_PRIVSEP_MSG	39
 
 static const struct got_error {
 	int code;
@@ -93,6 +94,7 @@ static const struct got_error {
 				"from unprivileged process" },
 	{ GOT_ERR_PRIVSEP_PIPE,	"unprivileged process closed pipe" },
 	{ GOT_ERR_PRIVSEP_NO_FD,"out of file descriptors for privsep" },
+	{ GOT_ERR_PRIVSEP_MSG,"unexpected message from unprivileged process" },
 };
 
 /*
blob - 60217e165d143720f05e81142e7a2e47b3c41132
blob + 36381556ce756969c55865370377ca56bb49582c
--- lib/privsep.c
+++ lib/privsep.c
@@ -201,6 +201,9 @@ got_privsep_recv_obj(struct got_object **obj, struct i
 			/* TODO: Handle deltas */
 		}
 		break;
+	default:
+		err = got_error(GOT_ERR_PRIVSEP_MSG);
+		break;
 	}
 
 	imsg_free(&imsg);