Package: vde2 Version: 2.2.3-3 Severity: important Tags: patch slirpvde leaks over 1600 bytes per packet received, even tiny ones like pings. This makes it practically unusable for a production system in the current state.
I've attached a patch to fix the leak. -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (990, 'stable'), (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages vde2 depends on: ii adduser 3.110 add and remove users and groups ii libc6 2.10.2-5 Embedded GNU C Library: Shared lib ii libpcap0.8 1.0.0-6 system interface for user-level pa ii libvde0 2.2.3-3 Virtual Distributed Ethernet - sup ii libvdeplug2 2.2.2-3 Virtual Distributed Ethernet - Plu vde2 recommends no packages. Versions of packages vde2 suggests: ii qemu 0.11.1-2 fast processor emulator ii qemu-kvm [kvm] 0.11.1+dfsg-1 Full virtualization on x86 hardwar pn vde2-cryptcab <none> (no description available) -- no debconf information
diff --git a/src/slirpvde/slirp.c b/src/slirpvde/slirp.c
index e0d6807..b5c2084 100644
--- a/src/slirpvde/slirp.c
+++ b/src/slirpvde/slirp.c
@@ -601,6 +601,7 @@ void slirp_input(const uint8_t *pkt, int pkt_len)
m->m_len -= ETH_HLEN;
ip_input(m);
+ m_free(m);
break;
default:
break;
signature.asc
Description: Digital signature
