Hi,
When looking at the error paths in tcp_output() I have found these
returns that look like mbuf leaks.
ok?
bluhm
Index: netinet/tcp_output.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/tcp_output.c,v
retrieving revision 1.117
diff -u -p -r1.117 tcp_output.c
--- netinet/tcp_output.c 13 Jun 2016 21:24:43 -0000 1.117
+++ netinet/tcp_output.c 19 Jul 2016 20:56:51 -0000
@@ -931,12 +931,16 @@ send:
tdb = gettdbbysrcdst(rtable_l2(tp->t_inpcb->inp_rtableid),
0, &src, &dst, IPPROTO_TCP);
- if (tdb == NULL)
+ if (tdb == NULL) {
+ m_freem(m);
return (EPERM);
+ }
if (tcp_signature(tdb, tp->pf, m, th, iphlen, 0,
- mtod(m, caddr_t) + hdrlen - optlen + sigoff) < 0)
+ mtod(m, caddr_t) + hdrlen - optlen + sigoff) < 0) {
+ m_freem(m);
return (EINVAL);
+ }
}
#endif /* TCP_SIGNATURE */
