Commit bae59285 authored by Kyle Evans's avatar Kyle Evans
Browse files

if_wg: return to m_defrag() of incoming mbuf, sans leak

This partially reverts df554850 but still fixes the leak. It was
overlooked (sigh) that some packets will exceed MHLEN and cannot be
physically contiguous without clustering, but we don't actually need
it to be. m_defrag() should pull up enough for any of the headers that
we do need to be accessible.

Fixes:	df554850
Pointy hat;	kevans
parent 09673fc0
......@@ -1904,13 +1904,12 @@ wg_input(struct mbuf *m0, int offset, struct inpcb *inpcb,
m_adj(m0, hlen);
* Ensure mbuf is contiguous over full length of the packet. This is
* done so that we can directly read the handshake values in
* wg_handshake, and so we can decrypt a transport packet by passing a
* a single buffer to noise_remote_decrypt() in wg_decap.
* Ensure mbuf has at least enough contiguous data to peel off our
* headers at the beginning.
if ((m = m_pullup(m0, m0->m_pkthdr.len)) == NULL) {
if ((m = m_defrag(m0, M_NOWAIT)) == NULL) {
DPRINTF(sc, "DEFRAG fail\n");
data = mtod(m, void *);
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment