Date: Mon, 04 Dec 2000 14:28:32 -0800 (PST) From: John Baldwin <jhb@FreeBSD.org> To: Bill Fumerola <billf@mu.org> Cc: security@FreeBSD.org, mouss <usebsd@free.fr> Subject: Re: ipfw/dummy: memory leak or what? Message-ID: <XFMail.001204142832.jhb@FreeBSD.org> In-Reply-To: <20001204155324.J75794@elvis.mu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04-Dec-00 Bill Fumerola wrote: > On Mon, Dec 04, 2000 at 08:48:38PM +0100, mouss wrote: >> while looking at the ip_input code, and more particularly at the dummy net >> stuff >> in the start, I saw the >> m = m->m_next; >> >> given that m is supposed to be freed wen delivered, I don't see when is the >> dummy >> net mbuf (the one containing the rule, and that is skipped by the ->m_next >> above) >> will be freed. >> Is this a memory leak opprotunity or am I missing something? > > that line of code occurs 1328408120847192384719238128401382 times in the net > code. you might want to give some context to what you're trying to say. He said ip_input, and at the start in the dummynet stuff: The only time m = m->next occurs in ip_input() is here: void ip_input(struct mbuf *m) { ... #if defined(IPFIREWALL) && defined(DUMMYNET) /* * dummynet packet are prepended a vestigial mbuf with * m_type = MT_DUMMYNET and m_data pointing to the matching * rule. */ if (m->m_type == MT_DUMMYNET) { rule = (struct ip_fw_chain *)(m->m_data) ; m = m->m_next ; ip = mtod(m, struct ip *); hlen = IP_VHL_HL(ip->ip_vhl) << 2; goto iphack ; } else rule = NULL ; #endif Looks like plenty of context to me. As to the actual question, I'm not a networking whiz I'm afraid. -- John Baldwin <jhb@FreeBSD.org> -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.001204142832.jhb>