Date: Wed, 7 Dec 2005 23:40:06 GMT From: Jung-uk Kim <jkim@FreeBSD.org> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/89752: [bpf] [patch] bpf_validate() needs to do more checks Message-ID: <200512072340.jB7Ne6o9091581@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/89752; it has been noted by GNATS. From: Jung-uk Kim <jkim@FreeBSD.org> To: Guy Harris <guy@alum.mit.edu> Cc: bug-followup@FreeBSD.org Subject: Re: kern/89752: [bpf] [patch] bpf_validate() needs to do more checks Date: Wed, 7 Dec 2005 18:37:59 -0500 On Wednesday 07 December 2005 06:11 pm, Guy Harris wrote: > On Dec 7, 2005, at 2:32 PM, Jung-uk Kim wrote: > > It looks good but `bpf_maxbufsize' may be unavailable to other > > consumers such as ng_bpf(4) and it doesn't make sense to them. > > Then that check can probably be removed - OpenBSD's consumers might > all use bpf_maxbufsize, so it was OK for them, and it's just an > optimization anyway (as the comment says, a "More strict check with > actual packet length is done runtime"). I found another problem. BPF_MAXINSNS is tunable in FreeBSD and it is not available to use for others. If we remove the check also, there's no difference from the previous implementation. :-( > (BTW, this was from OpenBSD; if you check it in, say it's from Otto > Moerbeek's changes to OpenBSD, do *NOT* give me direct credit for > it!) Thanks for letting us know. Jung-uk Kim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200512072340.jB7Ne6o9091581>