Hi! dyoung,


From: David Young <dyoung@pobox.com>
Date: Sun, 5 Aug 2007 15:07:27 -0500

> On Sat, Aug 04, 2007 at 03:25:13AM -0500, David Young wrote:
> > On Sat, Aug 04, 2007 at 03:47:12PM +0900, KIYOHARA Takashi wrote:
> > > Hi! dyoung,
> > > 
> > > 
> > > The rt_tables was broken since 07/19/2007 20:49:00 perhaps.  X-<
> > > 
> > >   http://mail-index.netbsd.org/source-changes/2007/07/19/0032.html
> > 
> > The bug is not new since 19 July 2007.  The kernel has been sloppy
> > about copying link-layer addresses for a long time.  fwip(4) suffers
> > the buffer overflow because its link-layer addresses are the longest.
> > I have attached a patch that shows an approach to a fix for the bugs.
> > I leave it to you to make the patch compile and run. :-)
> 
> Here is a new patch, also untested.  Lengthening sockaddr_dl is still
> left as an exercise for the reader. :-)

I tried your patch.  However repeated the message.  X-<

  sockaddr_dl_setaddr: no room for 16-byte media address


I think that the return value of sockaddr_dup() that is called in
rt_setgate() is a problem.  This is a value of pool(9).
Can you resize it?

Do you keep it to a more longer size beforehand?


Thanks,
--
kiyohara