Re: arpresolve: inverted logic

To: tech-net%netbsd.org@localhost
Subject: Re: arpresolve: inverted logic
From: christos%astron.com@localhost (Christos Zoulas)
Date: Sun, 29 Jan 2017 21:58:59 +0000 (UTC)

In article <005b4467-9b1b-d95c-1714-60a2c22d9777%m00nbsd.net@localhost>,
Maxime Villard  <max%m00nbsd.net@localhost> wrote:
>Hi,
>there appears to be a wrong logic in eco_output and token_output. arpresolve
>returns a non-zero value on failure, but these functions think it returns zero.
>So when arpresolve succeeds, these functions return 0 and leak the mbuf; when
>arpresolve fails, these functions believe it's ok and use 'm' while it has been
>freed. In short, either a memory leak or a use-after-free.
>
>I have written a quick patch [1], which I cannot test. Could someone please
>review it?
>
>Thanks,
>Maxime
>
>[1] http://m00nbsd.net/garbage/arp/arpresolve.diff

LGTM

christos

Follow-Ups:
- Re: arpresolve: inverted logic
  - From: Maxime Villard

References:
- arpresolve: inverted logic
  - From: Maxime Villard

Prev by Date: arpresolve: inverted logic
Next by Date: Re: workqueue for pr_input
Previous by Thread: arpresolve: inverted logic
Next by Thread: Re: arpresolve: inverted logic
Indexes:

Home | Main Index | Thread Index | Old Index