SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-18-2008, 09:20 AM
| ||||
| ||||
 Re: use after free in sys/net/if_gif.c Am Dienstag, den 17.04.2007, 19:15 +0200 schrieb Claudio Jeker: > On Tue, Apr 17, 2007 at 12:31:48PM -0400, Stefan Schmieta wrote: > > Revision 1.41 of sys/net/if_gif.c broke the gif-loop detection by > > introducing a use-after-free that causes a kernel panic if a loop is > > detected. Not sure if the patch below is the way to go, but it > > definitely makes the crash go away. > > > > I like the following solution better. Works fine here. Stefan > > -- > :wq Claudio > > Index: if_gif.c > ================================================== ================= > RCS file: /cvs/src/sys/net/if_gif.c,v > retrieving revision 1.41 > diff -u -p -r1.41 if_gif.c > --- if_gif.c 22 Feb 2007 15:31:44 -0000 1.41 > +++ if_gif.c 17 Apr 2007 17:07:28 -0000 > @@ -196,9 +196,11 @@ gif_start(ifp) > log(LOG_NOTICE, "gif_output: " > "recursively called too many times > \n"); > m_freem(m); > - continue; > + break; > } > } > + if (mtag) > + continue; > > mtag = m_tag_get(PACKET_TAG_GIF, sizeof(caddr_t), > M_NOWAIT); > if (mtag == NULL) {      |
Linear Mode
