DragonFly bugs List (threaded) for 2008-07
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
Re: inetd crashes VKERNEL
2008/7/5 Nicolas Thery <nthery@gmail.com>:
> It looks like so_pru_ctloutput() passes an invalid sopt_val to
> kfree(). This code was changed
> recently:
>
> http://leaf.dragonflybsd.org/mailarchive/commits/2008-06/msg00123.html
>
> There is some pointer arithmetic on sopt_val in soopt_mcopyout() that
> may cause the panic you
> observe. sopt_val ends up pointing past the data copied from the
> mbuf. Maybe this is
> intentional as the code is old (imported straight from fbsd 4 and is
> still in fbsd head). This
> would allow to append more data later on. On the other hand, maybe
> that's a bug. Only a
> networking savvy person could say.
Forget this, soopt_mcopyout() is called during getsockopt() but the
crash ocurred during setsockopt()...
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]