Bug 22181

Summary: Bugs in the VLAN driver multicast manipulation code
Product: Base System Reporter: Yar Tikhiy <yar>
Component: kernAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.1-STABLE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description Yar Tikhiy 2000-10-21 14:00:01 UTC 
	First, the VLAN driver initialized the "sdl" structure
	in a wrong way in its function vlan_setmulti().
	In particular, the sdl.sdl_nlen field is not explicitly
	set to zero, but it's then used inside the LLADDR() macro.
	Besides that, there are other "struct sockaddr_dl" fileds
	to set.

	Second, that function calls malloc() with the M_NOWAIT
	flag, but doesn't check its return value. The function
	won't run at the interrupt level, so it's safe to use
	M_WAITOK there.

	Both bugs may cause system panic.

How-To-Repeat: 
	See the code.
Comment 1 Yar Tikhiy freebsd_committer freebsd_triage 2001-03-31 12:05:30 UTC 
State Changed
From-To: open->closed

Fixed in both branches