DragonFly bugs List (threaded) for 2005-07
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
Memory leak for EMSGSIZE errors when writing to a BPF device
bpfwrite() does:
error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen);
if (error)
return(error);
if (datlen > ifp->if_mtu)
return(EMSGSIZE);
The mbuf chain pointed to by m isn't freed in that case.
FreeBSD 5.x fixes this by passing the MTU as an argument to
bpf_movein(), and has bpf_movein() return EMSGSIZE before copying
anything if the data length is greater than the MTU.
Current CVS NetBSD and OpenBSD free the mbuf chain before returning
EMSGSIZE.
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]