On Fri, Dec 14, 2007 at 11:36:52AM -0500, Arnaud Degroote
wrote:
>
> On Fri, Dec 14, 2007 at 10:38:03AM -0500, Sean Boudreau
wrote:
> > Hi:
> >
> > It's pretty easy to tickle the
> > IPSEC_ASSERT(remain < MLEN, ("m_makespace:
remainder too big: %u",
> remain));
> > in m_makespace(). If not running DIAGNOSTIC an
memcpy()
> > past a buffer occurs. The following is more
generic and
> > handles this case. Any comments before I commit?
>
> The patch seems ok. Maybe we can be a bit smarter in
case where
> hlen > M_TRAILINGSPACE(m) + remain. As we already
need to allocate at
> least one mbuf for remain, we may try to preserve some
space for hlen if
> we can't put in m after that. It can save one mbuf
allocation in some
> cases. Not
> sure it is really important in fact.
>
> It would be nice if the patch can be pulled-up in
NetBSD-4 (or must we
> wait for 4.1 ?).
Checked in. I sent the pullup request off. We'll see...
BTW looks like this is PR 30124.
-seanb
|