In an OOM condition, we noticed a couple of mem_alloc handling bugs in
this file. Please let me know if a PR should be opened for these.
- No NULL checks after mem_alloc()'s:
SVCXPRT *
svc_xprt_alloc()
{
SVCXPRT *xprt;
SVCXPRT_EXT *ext;
xprt = mem_alloc(sizeof(SVCXPRT));
memset(xprt, 0, sizeof(SVCXPRT));
ext = mem_alloc(sizeof(SVCXPRT_EXT));
memset(ext, 0, sizeof(SVCXPRT_EXT));
xprt->xp_p3 = ext;
ext->xp_auth.svc_ah_ops = &svc_auth_null_ops;
return (xprt);
}
- No lock release if mem_alloc() returns NULL:
void
xprt_register(xprt)
SVCXPRT *xprt;
{
int sock;
assert(xprt != NULL);
sock = xprt->xp_fd;
rwlock_wrlock(&svc_fd_lock);
if (__svc_xports == NULL) {
__svc_xports = (SVCXPRT **)
mem_alloc(FD_SETSIZE * sizeof(SVCXPRT *));
if (__svc_xports == NULL)
return;
memset(__svc_xports, '\0', FD_SETSIZE * sizeof(SVCXPRT *));
}
if (sock < FD_SETSIZE) {
__svc_xports[sock] = xprt;
FD_SET(sock, &svc_fdset);
svc_maxfd = max(svc_maxfd, sock);
}
rwlock_unlock(&svc_fd_lock);
}
Thanks,
Matt
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
