OK gnezdo@ Brad Smith <b...@comstyle.com> writes:
> Being that rge(4) is derived from re(4) it looks like it has the same > issues as fixed in re(4) rev 1.211. > > revision 1.211 > date: 2021/05/17 11:59:53; author: visa; state: Exp; lines: +4 -1; > commitid: aS9a9xwYauxPaauQ; > Fix mbuf leaks after reception error in re_rxeof(). > > Also, increment the error counter when an unexpected fragment is seen. > > Index: if_rge.c > =================================================================== > RCS file: /home/cvs/src/sys/dev/pci/if_rge.c,v > retrieving revision 1.15 > diff -u -p -u -p -r1.15 if_rge.c > --- if_rge.c 16 Aug 2021 01:30:27 -0000 1.15 > +++ if_rge.c 16 Aug 2021 01:49:37 -0000 > @@ -1223,6 +1223,8 @@ rge_rxeof(struct rge_queues *q) > > if ((rxstat & (RGE_RDCMDSTS_SOF | RGE_RDCMDSTS_EOF)) != > (RGE_RDCMDSTS_SOF | RGE_RDCMDSTS_EOF)) { > + ifp->if_ierrors++; > + m_freem(m); > rge_discard_rxbuf(q, i); > continue; > } > @@ -1237,6 +1239,7 @@ rge_rxeof(struct rge_queues *q) > m_freem(q->q_rx.rge_head); > q->q_rx.rge_head = q->q_rx.rge_tail = NULL; > } > + m_freem(m); > rge_discard_rxbuf(q, i); > continue; > }