Date: Fri, 11 Jan 2002 14:29:04 -0800 (PST) From: John Baldwin <jhb@FreeBSD.org> To: Ian Dowse <iedowse@FreeBSD.org> Cc: cvs-all@FreeBSD.org, cvs-committers@FreeBSD.org Subject: RE: cvs commit: src/sys/nfsserver nfsm_subs.h Message-ID: <XFMail.020111142904.jhb@FreeBSD.org> In-Reply-To: <200201112222.g0BMMdh66532@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11-Jan-02 Ian Dowse wrote: > iedowse 2002/01/11 14:22:39 PST > > Modified files: > sys/nfsserver nfsm_subs.h > Log: > The macro nfsm_reply() is supposed to allocate a reply in all cases, > but since the nfs cleanup, it hasn't done so in the case where > `error' is EBADRPC. Callers of this macro expect it to initialise > *mrq, and the `nfsmout' exit point expects a reply to be allocated > if error == 0. When nfsm_reply() was called with error = EBADRPC, > whatever junk was in *mrq (often a stale pointer to an old reply > mbuf) would be assumed to be a valid reply and passed to pru_sosend(), > causing a crash sooner or later. > > Fix this by allocating a reply even in the EBADRPC case like we > used to do. This bug was specific to -current. Wow, nice catch! -- John Baldwin <jhb@FreeBSD.org> <>< http://www.FreeBSD.org/~jhb/ "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.020111142904.jhb>