On Tue, Jun 07, 2022 at 02:23:07AM +0200, Alexandr Nedvedicky wrote: > Hello, > > I've spotted this glitch while hunting down use after-free > in 'veb' packet path. I believe the issue is rather hypothetical, > there is no evidence the deemed memory leak ever occurred. > > Anyway I believe the if_vinput() should always consume packet > by either passing it further when IFXP_MONITOR flag is set > or just releasing it. > > thanks and > regards > sashan >
ok mvs@ > --------8<---------------8<---------------8<------------------8<-------- > diff --git a/sys/net/if.c b/sys/net/if.c > index f354c9d8a6c..db181586123 100644 > --- a/sys/net/if.c > +++ b/sys/net/if.c > @@ -869,6 +869,8 @@ if_vinput(struct ifnet *ifp, struct mbuf *m) > > if (__predict_true(!ISSET(ifp->if_xflags, IFXF_MONITOR))) > (*ifp->if_input)(ifp, m); > + else > + m_freem(m); > } > > void >
