From owner-svn-src-head@freebsd.org Tue Oct 4 20:59:52 2016 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 57F41AF56B7 for ; Tue, 4 Oct 2016 20:59:52 +0000 (UTC) (envelope-from hiren@FreeBSD.org) Received: from mail.strugglingcoder.info (strugglingcoder.info [104.236.146.68]) by mx1.freebsd.org (Postfix) with ESMTP id 4A49B625; Tue, 4 Oct 2016 20:59:51 +0000 (UTC) (envelope-from hiren@FreeBSD.org) Received: from localhost (unknown [10.1.1.3]) (Authenticated sender: hiren@strugglingcoder.info) by mail.strugglingcoder.info (Postfix) with ESMTPA id 4060817906; Tue, 4 Oct 2016 13:59:45 -0700 (PDT) Date: Tue, 4 Oct 2016 13:59:45 -0700 From: Hiren Panchasara To: Gleb Smirnoff Cc: svn-src-head@freebsd.org, lohith.bellad@me.com Subject: Re: svn commit: r306337 - head/sys/kern Message-ID: <20161004205945.GA50669@strugglingcoder.info> References: <201609261013.u8QADwrV002892@repo.freebsd.org> <20161004205352.GM23123@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="AhhlLboLdkugWU4S" Content-Disposition: inline In-Reply-To: <20161004205352.GM23123@FreeBSD.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 20:59:52 -0000 --AhhlLboLdkugWU4S Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable + Lohith On 10/04/16 at 01:53P, Gleb Smirnoff wrote: > Hiren, >=20 > On Mon, Sep 26, 2016 at 10:13:58AM +0000, Hiren Panchasara wrote: > H> Author: hiren > H> Date: Mon Sep 26 10:13:58 2016 > H> New Revision: 306337 > H> URL: https://svnweb.freebsd.org/changeset/base/306337 > H>=20 > H> Log: > H> In sendit(), if mp->msg_control is present, then in sockargs() we ar= e allocating > H> mbuf to store mp->msg_control. Later in kern_sendit(), call to getso= ck_cap(), > H> will check validity of file pointer passed, if this fails EBADF is r= eturned but > H> mbuf allocated in sockargs() is not freed. Fix this possible leak. > H> =20 > H> Submitted by: Lohith Bellad > H> Reviewed by: adrian > H> MFC after: 3 weeks > H> Differential Revision: https://reviews.freebsd.org/D7910 >=20 > The commit appeared to be incorrect, but a problem exists. I'd like to lo= ok at it. > Is there any reproduce recipe for the leak or bug filed? > Cheers, Hiren --AhhlLboLdkugWU4S Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQF8BAABCgBmBQJX9Bg+XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBNEUyMEZBMUQ4Nzg4RjNGMTdFNjZGMDI4 QjkyNTBFMTU2M0VERkU1AAoJEIuSUOFWPt/lXagH/1dNc8iQ62XL4YOT/SVqxNE2 9TFdd5RQmv64ZrNdHT56MbI35VBg+2fOkL5ANpeES6tdQ+z46tNA3A6HQ+/Yyu10 D2IKOBktvsmsYd2O8Qc63a7ycBWBjrNM7DY3H8pxPz0GXK75RvUmToGYg+pFQ/hM YFR+FJVA8gijxeuqUu3pMD/m9KtADGIcYQqfgaMW5dVX4j83r2NoUZurZ4pbGGQq cct5P5r1D8enxxT0C/8M9pGoEiG6VoEmlco1AA6vN8WJxC5BEREZoHjMlznQV1qd lKGmGPUv7d4Z4uAAnkcvXZxBFpyYrQ5XXyboVZ1dZ/0Tkt6IZ1XZN1MD43V+BmI= =2X+S -----END PGP SIGNATURE----- --AhhlLboLdkugWU4S--