DragonFly bugs List (threaded) for 2005-07
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Memory leak for EMSGSIZE errors when writing to a BPF device

From:	Guy Harris <guy@xxxxxxxxxxxx>
Date:	Fri, 08 Jul 2005 10:22:50 -0700

bpfwrite() does:

	error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen);
	if (error)
		return(error);

	if (datlen > ifp->if_mtu)
		return(EMSGSIZE);

The mbuf chain pointed to by m isn't freed in that case.

FreeBSD 5.x fixes this by passing the MTU as an argument to bpf_movein(), and has bpf_movein() return EMSGSIZE before copying anything if the data length is greater than the MTU.

Current CVS NetBSD and OpenBSD free the mbuf chain before returning EMSGSIZE.

Follow-Ups:
- Re: Memory leak for EMSGSIZE errors when writing to a BPF device
  - From: Matthew Dillon

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]