"Alexander Nasonov" <al...@netbsd.org> wrote: > Module Name: src > Committed By: alnsn > Date: Wed Aug 15 20:59:51 UTC 2012 > > Modified Files: > src/sys/net: bpf.c > > Log Message: > Fix two bugs introduced by recent commit. > > - When handling contiguous buffer in _bpf_tap(), pass its real size > rather than 0 to avoid reading packet data as mbuf struct on > out-of-bounds loads.
Thanks for fixing this, I somewhat got distracted by other things.

> - Correctly pass pktlen and buflen arguments from bpf_deliver() to
>   bpf_filter() to avoid reading mbuf struct as packet data.
>   JIT case is still broken.

Right, but that's why JIT is not yet enabled. I plan to make another round of changes, which includes making BPF MP-safe. Just have not had time yet..

-- 
Mindaugas