Module Name: src
Committed By: martin
Date: Wed Oct 16 09:46:55 UTC 2019
Modified Files:
src/sys/net [netbsd-9]: bpf.c
Log Message:
Pull up following revision(s) (requested by maxv in ticket #335):
sys/net/bpf.c: revision 1.230
sys/net/bpf.c: revision 1.231
Add KASSERT to catch bugs. Something tells me it could easily fire.
-
As I suspected, the KASSERT I added yesterday can fire if we try to process
zero-sized packets. Skip them to prevent a type confusion that can trigger
random page faults later.
To generate a diff of this commit:
cvs rdiff -u -r1.229 -r1.229.2.1 src/sys/net/bpf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/bpf.c
diff -u src/sys/net/bpf.c:1.229 src/sys/net/bpf.c:1.229.2.1
--- src/sys/net/bpf.c:1.229 Wed Jul 10 17:55:33 2019
+++ src/sys/net/bpf.c Wed Oct 16 09:46:55 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: bpf.c,v 1.229 2019/07/10 17:55:33 maxv Exp $ */
+/* $NetBSD: bpf.c,v 1.229.2.1 2019/10/16 09:46:55 martin Exp $ */
/*
* Copyright (c) 1990, 1991, 1993
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.229 2019/07/10 17:55:33 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.229.2.1 2019/10/16 09:46:55 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_bpf.h"
@@ -1676,10 +1676,16 @@ _bpf_mtap(struct bpf_if *bp, struct mbuf
pktlen = m_length(m);
+ /* Skip zero-sized packets. */
+ if (__predict_false(pktlen == 0)) {
+ return;
+ }
+
if (pktlen == m->m_len) {
cpfn = (void *)memcpy;
marg = mtod(m, void *);
buflen = pktlen;
+ KASSERT(buflen != 0);
} else {
cpfn = bpf_mcpy;
marg = m;
