From owner-freebsd-net Mon Apr 30 19:54: 5 2001 Delivered-To: freebsd-net@freebsd.org Received: from skippyii.compar.com (mail.compar.com [216.208.38.130]) by hub.freebsd.org (Postfix) with ESMTP id BFBF637B423 for ; Mon, 30 Apr 2001 19:54:02 -0700 (PDT) (envelope-from matt@gsicomp.on.ca) Received: from hermes (515.POOLDEF.TOR3.enoreo.on.ca [216.26.99.135]) by skippyii.compar.com (8.11.3/8.11.3) with SMTP id f412wf004751; Mon, 30 Apr 2001 22:58:42 -0400 (EDT) (envelope-from matt@gsicomp.on.ca) Message-ID: <015b01c0d1e9$2557a560$1200a8c0@gsicomp.on.ca> From: "Matthew Emmerton" To: "alex" , References: <824983177.988667461@[192.168.2.94]> Subject: Re: no free() after malloc() in arp (src/usr.sbin/arp/arp.c) Date: Mon, 30 Apr 2001 22:48:01 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > i don't see a security issue in this, just want to ask if this is ok (or > maybe unwanted?): > > in src/usr.sbin/arp/arp.c in function search() (starts line ~429) i see > this (line ~447): > > if ((buf = malloc(needed)) == NULL) > > this allocated memory isn't free'd later in this function. so if arp uses > this function over and over again, memory fills up (not much, but it does). This has been reported with a fix in PR bin/27001. http://www.freebsd.org/cgi/query-pr.cgi?pr=27001 -- Matt Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message