Date: Sun, 21 Mar 2010 20:23:02 -0400 (EDT) From: Rick Macklem <rmacklem@uoguelph.ca> To: Mikolaj Golub <to.my.trociny@gmail.com> Cc: bug-followup@FreeBSD.org, freebsd-fs@FreeBSD.org, Kai Kockro <kkockro@web.de>, danny@cs.huji.ac.il Subject: Re: kern/144330: [nfs] mbuf leakage in nfsd with zfs Message-ID: <Pine.GSO.4.63.1003212018180.28991@muncher.cs.uoguelph.ca> In-Reply-To: <86tys9eqo6.fsf@kopusha.onet> References: <201003171120.o2HBK3CV082081@freefall.freebsd.org> <20100317113953.GA14582@icarus.home.lan> <Pine.GSO.4.63.1003171844120.20254@muncher.cs.uoguelph.ca> <86tys9eqo6.fsf@kopusha.onet>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 21 Mar 2010, Mikolaj Golub wrote: > > Reviewing rpc/svc.c:svc_getreq() it looks for me that for RS_DONE case args > are nevere freed. Shouldn't it be like in the attached patch? > Oops, I meant to ask Daniel Braniss (not Jeremy) w.r.t testing the patch, since he can easily reproduce the problem. Of course, I'd appreciate anyone who can test it to do so and let us know how it goes. Daniel, here's the patch just in case you didn't see Mikolaj's email. rick Mikolaj's patch: --- sys/rpc/svc.c.orig 2010-03-21 10:17:20.000000000 +0200 +++ sys/rpc/svc.c 2010-03-21 10:20:05.000000000 +0200 @@ -819,6 +819,7 @@ svc_getreq(SVCXPRT *xprt, struct svc_req free(r->rq_addr, M_SONAME); r->rq_addr = NULL; } + m_freem(args); goto call_done; default:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.63.1003212018180.28991>