Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 30 Aug 2004 01:41:36 -0700
From:      Brooks Davis <brooks@one-eyed-alien.net>
To:        alpha@freebsd.org
Subject:   OSF/1 SIOCRPHYSADDR fix
Message-ID:  <20040830084136.GA6700@odin.ac.hmc.edu>
next in thread | raw e-mail | index | archive | help 

--IJpNTDwzlM2Ie8A6
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Please review the following diff.  I don't expect anyone to actually
have a way to exercise this code, but as it is, it's quite broken.  The
patch switches to scanning the interface list by the approved method
instead of trying to access all the indexes between 1 and if_index
as though they all exist.  Currently, this means that if you delete
an interface other then the last one, you will attempt to access freed
memory.  I'm planning to fix that so you instead hit a NULL pointer
(I've done so in 6-CURRENT already).

-- Brooks

=3D=3D=3D=3D //depot/user/brooks/cleanup/sys/alpha/osf1/osf1_ioctl.c#1 - /h=
ome/brooks/working/freebsd/p4/cleanup/sys/alpha/osf1/osf1_ioctl.c =3D=3D=3D=
=3D
@@ -201,8 +201,8 @@
 		 * Note that we don't actually respect the name in the ifreq
 		 * structure, as DU interface names are all different.
 		 */
-		for (ifn =3D 0; ifn < if_index; ifn++) {
-			ifp =3D ifnet_byindex(ifn + 1);
+		IFNET_RLOCK();
+		TAILQ_FOREACH(ifp, &ifnet, if_link) {
 			/* Only look at ether interfaces, exclude alteon nics
 			 * because osf/1 doesn't know about most of them.
 			 */
@@ -216,16 +216,17 @@
 						retval =3D copyout(LLADDR(sdl),
 						    (caddr_t)&ifd->current_pa,
 						    6);
-						if (!retval) {
-							return(copyout(
-							    LLADDR(sdl),
-							    (caddr_t)&ifd->default_pa,
-							    6));
+						if (retval =3D=3D 0) {
+							retval =3D copyout(LLADDR(sdl),
+								(caddr_t)&ifd->default_pa, 6);
+							IFNET_RUNLOCK();
+							return(retval);
 						}
 					}
 				}
 			}
 		}
+		IFNET_RUNLOCK();
 		return(ENOENT);		/* ??? */
 	}
=20

--=20
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4

--IJpNTDwzlM2Ie8A6
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFBMug+XY6L6fI4GtQRAupsAJ0WM3YFDq7KlbOSLVnsJONr4leFdgCgp8hs
qXEvwZFD+vvOaTVKvw1K9p8=
=7D7C
-----END PGP SIGNATURE-----

--IJpNTDwzlM2Ie8A6--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040830084136.GA6700>