From owner-freebsd-security Mon Dec 4 13:53:26 2000 From owner-freebsd-security@FreeBSD.ORG Mon Dec 4 13:53:24 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from elvis.mu.org (elvis.mu.org [207.154.226.10]) by hub.freebsd.org (Postfix) with ESMTP id AFDA037B400 for ; Mon, 4 Dec 2000 13:53:24 -0800 (PST) Received: by elvis.mu.org (Postfix, from userid 1098) id 501DC2B266; Mon, 4 Dec 2000 15:53:24 -0600 (CST) Date: Mon, 4 Dec 2000 15:53:24 -0600 From: Bill Fumerola To: mouss Cc: security@FreeBSD.ORG Subject: Re: ipfw/dummy: memory leak or what? Message-ID: <20001204155324.J75794@elvis.mu.org> References: <4.3.0.20001204204204.04b31e90@pop.free.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <4.3.0.20001204204204.04b31e90@pop.free.fr>; from usebsd@free.fr on Mon, Dec 04, 2000 at 08:48:38PM +0100 X-Operating-System: FreeBSD 4.2-FEARSOME-20001103 i386 Sender: billf@elvis.mu.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Dec 04, 2000 at 08:48:38PM +0100, mouss wrote: > while looking at the ip_input code, and more particularly at the dummy net > stuff > in the start, I saw the > m = m->m_next; > > given that m is supposed to be freed wen delivered, I don't see when is the > dummy > net mbuf (the one containing the rule, and that is skipped by the ->m_next > above) > will be freed. > Is this a memory leak opprotunity or am I missing something? that line of code occurs 1328408120847192384719238128401382 times in the net code. you might want to give some context to what you're trying to say. -- Bill Fumerola - security yahoo / Yahoo! inc. - fumerola@yahoo-inc.com / billf@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message