Date: Mon, 7 Nov 2011 18:23:19 +0400 From: Gleb Smirnoff <glebius@FreeBSD.org> To: Kristof Provost <kristof@sigsegv.be> Cc: freebsd-net@FreeBSD.org, prabhakar lakhera <prabhakar.lakhera@gmail.com> Subject: Re: mbuf leak in icmp6 code?? Message-ID: <20111107142319.GK71907@FreeBSD.org> In-Reply-To: <20111103120752.GG9553@thebe.jupiter.sigsegv.be> References: <CALg%2BrhV-PcA2BJ2KcMd8KrHWN%2BrzpLu4QTC6aZL6UbUX23ebkA@mail.gmail.com> <20111103120752.GG9553@thebe.jupiter.sigsegv.be>
next in thread | previous in thread | raw e-mail | index | archive | help
Kristof, On Thu, Nov 03, 2011 at 01:07:52PM +0100, Kristof Provost wrote: K> > For example: K> > K> > icmp6_input calls icmp6_redirect_input and right after it returns it K> > makes m=NULL. Inside icmp6_redirect_input there are checks for ifp and K> > for the message being short (which probably don't get exercised that K> > often (or at all?)) and for these checks simply return. Looks to be K> > mbuf leak. In other icmp6 functions also we have similar instances. K> K> The checks for m and ifp should probably be asserts, rather than just K> returns. I think they are always supposed to be true. I've checked all callers, and it looks like m and m->pkthdr.rcvif can be safely asserted. I've committed that change. -- Totus tuus, Glebius.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111107142319.GK71907>