CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2023/10/25 02:17:54

Modified files:
    sys/kern : Tag: OPENBSD_7_3
               uipc_mbuf.c

Log message:
Avoid assertion failure when splitting mbuf cluster.

m_split() calls m_align() to initialize the data pointer of newly
allocated mbuf. If the new mbuf will be converted to a cluster,
this is not necessary. If additionally the new mbuf is larger than
MLEN, this can lead to a panic.
Only call m_align() when a valid m_data is needed. This is the
case if we do not reference the existing cluster, but memcpy() the
data into the new mbuf.

Reported-by: syzbot+0e6817f5877926f0e...@syzkaller.appspotmail.com
OK claudio@ deraadt@

this is errata/7.3/019_msplit.patch.sig