On 12/09/20(Sat) 14:49, Klemens Nanni wrote:
> These are the last free(buf, 0) occurences in if_pppoe.c and
> if_spppsubr.c changing to non-zero sizes.
>
> I've been running with this the last week without any issues.
>
> Feedback? OK?
Maybe store `pwdlen' and `idlen' in "struct sppp" instead of recomputing
it everytime?
Another approach would be to always use array of AUTHMAXLEN, I'm not sure
the size justifies two malloc(9).
Anyway the diff is ok mpi@
> Index: if_spppsubr.c
> ===================================================================
> RCS file: /cvs/src/sys/net/if_spppsubr.c,v
> retrieving revision 1.186
> diff -u -p -r1.186 if_spppsubr.c
> --- if_spppsubr.c 22 Aug 2020 16:12:12 -0000 1.186
> +++ if_spppsubr.c 3 Sep 2020 21:43:54 -0000
> @@ -750,13 +750,15 @@ sppp_detach(struct ifnet *ifp)
>
> /* release authentication data */
> if (sp->myauth.name != NULL)
> - free(sp->myauth.name, M_DEVBUF, 0);
> + free(sp->myauth.name, M_DEVBUF, strlen(sp->myauth.name) + 1);
> if (sp->myauth.secret != NULL)
> - free(sp->myauth.secret, M_DEVBUF, 0);
> + free(sp->myauth.secret, M_DEVBUF,
> + strlen(sp->myauth.secret) + 1);
> if (sp->hisauth.name != NULL)
> - free(sp->hisauth.name, M_DEVBUF, 0);
> + free(sp->hisauth.name, M_DEVBUF, strlen(sp->hisauth.name) + 1);
> if (sp->hisauth.secret != NULL)
> - free(sp->hisauth.secret, M_DEVBUF, 0);
> + free(sp->hisauth.secret, M_DEVBUF,
> + strlen(sp->hisauth.secret) + 1);
> }
>
> /*
> @@ -4579,9 +4587,11 @@ sppp_set_params(struct sppp *sp, struct
> if (spa->proto == 0) {
> /* resetting auth */
> if (auth->name != NULL)
> - free(auth->name, M_DEVBUF, 0);
> + free(auth->name, M_DEVBUF,
> + strlen(auth->name) + 1);
> if (auth->secret != NULL)
> - free(auth->secret, M_DEVBUF, 0);
> + free(auth->secret, M_DEVBUF,
> + strlen(auth->secret) + 1);
> bzero(auth, sizeof *auth);
> explicit_bzero(sp->chap_challenge, sizeof
> sp->chap_challenge);
> } else {
> @@ -4594,7 +4604,8 @@ sppp_set_params(struct sppp *sp, struct
> p = malloc(len, M_DEVBUF, M_WAITOK);
> strlcpy(p, spa->name, len);
> if (auth->name != NULL)
> - free(auth->name, M_DEVBUF, 0);
> + free(auth->name, M_DEVBUF,
> + strlen(auth->name) + 1);
> auth->name = p;
>
> if (spa->secret[0] != '\0') {
> @@ -4603,7 +4614,8 @@ sppp_set_params(struct sppp *sp, struct
> p = malloc(len, M_DEVBUF, M_WAITOK);
> strlcpy(p, spa->secret, len);
> if (auth->secret != NULL)
> - free(auth->secret, M_DEVBUF, 0);
> + free(auth->secret, M_DEVBUF,
> + strlen(auth->secret) + 1);
> auth->secret = p;
> } else if (!auth->secret) {
> p = malloc(1, M_DEVBUF, M_WAITOK);
>
