Date: Thu, 26 Mar 2015 22:42:28 +0300 From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: Alexandre Martins <alexandre.martins@stormshield.eu>, freebsd-current@freebsd.org Subject: Re: Mbuf leak in if_lagg.c Message-ID: <55146124.2070501@yandex.ru> In-Reply-To: <1708955.mQ2X6OUmTD@pc-alex> References: <1708955.mQ2X6OUmTD@pc-alex>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --PEb6dpqKn9b34TnExeL9HcsEBCnfSiNiT Content-Type: multipart/mixed; boundary="------------090404090706090106050304" This is a multi-part message in MIME format. --------------090404090706090106050304 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 19.03.2015 19:31, Alexandre Martins wrote: > Hi ! >=20 > I found a leak of mbuf in the lagg driver : >=20 > https://svnweb.freebsd.org/base/head/sys/net/if_lagg.c?view=3Dannotate#= l1672 >=20 > -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- > m =3D (lp->lp_detaching =3D=3D 0) ? lagg_proto_input(sc, lp, m) : NULL;= > -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- >=20 > If lp_detaching is non 0, the mbuf pointer is set to NULL without m_fre= em it. >=20 > Can you look at this ? Hi, what you thing about this patch? lp_detaching can be non zero in case of parent interface departure. So I don't see the reason to call ETHER_BPF_MTAP() in this case. --=20 WBR, Andrey V. Elsukov --------------090404090706090106050304 Content-Type: text/x-patch; name="if_lagg.diff" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="if_lagg.diff" Index: if_lagg.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- if_lagg.c (revision 280234) +++ if_lagg.c (working copy) @@ -1661,7 +1661,8 @@ lagg_input(struct ifnet *ifp, struct mbuf *m) LAGG_RLOCK(sc, &tracker); if ((scifp->if_drv_flags & IFF_DRV_RUNNING) =3D=3D 0 || (lp->lp_flags & LAGG_PORT_DISABLED) || - sc->sc_proto =3D=3D LAGG_PROTO_NONE) { + sc->sc_proto =3D=3D LAGG_PROTO_NONE || + lp->lp_detaching !=3D 0) { LAGG_RUNLOCK(sc, &tracker); m_freem(m); return (NULL); @@ -1668,9 +1669,7 @@ lagg_input(struct ifnet *ifp, struct mbuf *m) } =20 ETHER_BPF_MTAP(scifp, m); - - m =3D (lp->lp_detaching =3D=3D 0) ? lagg_proto_input(sc, lp, m) : NULL;= - + m =3D lagg_proto_input(sc, lp, m); if (m !=3D NULL) { if (scifp->if_flags & IFF_MONITOR) { m_freem(m); --------------090404090706090106050304-- --PEb6dpqKn9b34TnExeL9HcsEBCnfSiNiT Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJVFGEpAAoJEAHF6gQQyKF6dCkH/jG8RGDPU3ZyUEEbHQvsyfd/ g4SuE6hLm3QRWtg86fgkCDUlGWsAcirMafXcSnk0mGvJXcVjMuLKoRNT/2MNFOFd 56fh9aAWpreuLY/C2aCZf8POf/JK31nx/uAClnegRMvP+pTLsbSF0fQBzGtZVwor 7nsZ8d+sdKMQZlMXWNGXN22gAMXj2yZtltTqn5s6adLKSC1bGwuDWmeH0X+n4Y4b 0sJz6eBGndYddY/IZur76ytmif84D0SdcWd2Uv8Dsp8x8gMNG/CNU+lKL/XeLQVr ifZas6WtcQcSTyegYdimleWnlvwvQ+WIkZ0tmdzLLwP730z418ozMI0Pi+1XgMw= =himj -----END PGP SIGNATURE----- --PEb6dpqKn9b34TnExeL9HcsEBCnfSiNiT--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55146124.2070501>