tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Overflow bugs in m_get &c.



riastradh%NetBSD.org@localhost (Taylor R Campbell) writes:

>3. If N > MLEN or MHLEN, the driver conditionally calls m_clget/MCLGET
>   to expand the space to MCLBYTES (typically 2048 but sometimes 1024
>   or 4096).

1024 would be strange, as most of the world asssumes that a cluster
can store an Ethernet packet of ~1500 bytes plus headers.


>  . If alignbytes + nbytes > MCLBYTES, extends m with MEXTMALLOC.

Traditionally mbufs exist, because they can be allocated and freed
in the network interrupt and don't fragment memory. That's true for
regular mbufs and clusters, but not for extended allocations.

Lots of limitations are implied, like "buffer is big enough for
everything" and "buffers are sufficiently aligned", without checking
these details for every operatioon. The code was created in a time
when every cycle counted.

If you keep that distinction but try to hide it, I would guess this
mostly adds overhead without making the code safer.




Home | Main Index | Thread Index | Old Index