Mercurial > illumos > git > illumos-gate
changeset 19211:6f69027ec29d
11928 rpcmod's clnt_cots can do zero-length kmem allocations
Reviewed by: Matthias Scheler <Matthias.Scheler@wdc.com>
Reviewed by: Toomas Soome <tsoome@me.com>
Approved by: Gordon Ross <gordon.w.ross@gmail.com>
author | Dan McDonald <danmcd@joyent.com> |
---|---|
date | Tue, 05 Nov 2019 12:09:36 -0500 |
parents | 345d4862f34a |
children | 83798b4e40d2 |
files | usr/src/uts/common/rpc/clnt_cots.c |
diffstat | 1 files changed, 17 insertions(+), 13 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/uts/common/rpc/clnt_cots.c Mon Jun 10 12:54:54 2019 -0400 +++ b/usr/src/uts/common/rpc/clnt_cots.c Tue Nov 05 12:09:36 2019 -0500 @@ -22,6 +22,7 @@ /* * Copyright 2016 Nexenta Systems, Inc. All rights reserved. * Copyright (c) 2016 by Delphix. All rights reserved. + * Copyright 2019 Joyent, Inc. */ /* @@ -1936,7 +1937,8 @@ if (srcaddr->len > 0) kmem_free(srcaddr->buf, srcaddr->maxlen); - srcaddr->buf = kmem_zalloc( + ASSERT(lru_entry->x_src.len != 0); + srcaddr->buf = kmem_alloc( lru_entry->x_src.len, KM_SLEEP); srcaddr->maxlen = srcaddr->len = lru_entry->x_src.len; @@ -2091,7 +2093,7 @@ cm_entry = (struct cm_xprt *) kmem_zalloc(sizeof (struct cm_xprt), KM_SLEEP); - cm_entry->x_server.buf = kmem_zalloc(destaddr->len, KM_SLEEP); + cm_entry->x_server.buf = kmem_alloc(destaddr->len, KM_SLEEP); bcopy(destaddr->buf, cm_entry->x_server.buf, destaddr->len); cm_entry->x_server.len = cm_entry->x_server.maxlen = destaddr->len; @@ -2256,9 +2258,11 @@ /* * Set up a transport entry in the connection manager's list. */ - cm_entry->x_src.buf = kmem_zalloc(srcaddr->len, KM_SLEEP); - bcopy(srcaddr->buf, cm_entry->x_src.buf, srcaddr->len); - cm_entry->x_src.len = cm_entry->x_src.maxlen = srcaddr->len; + if (srcaddr->len > 0) { + cm_entry->x_src.buf = kmem_alloc(srcaddr->len, KM_SLEEP); + bcopy(srcaddr->buf, cm_entry->x_src.buf, srcaddr->len); + cm_entry->x_src.len = cm_entry->x_src.maxlen = srcaddr->len; + } /* Else kmem_zalloc() of cm_entry already sets its x_src to NULL. */ cm_entry->x_tiptr = tiptr; cm_entry->x_time = ddi_get_lbolt(); @@ -2440,10 +2444,10 @@ if (srcaddr->len != cm_entry->x_src.len) { if (srcaddr->maxlen > 0) kmem_free(srcaddr->buf, srcaddr->maxlen); - srcaddr->buf = kmem_zalloc(cm_entry->x_src.len, + ASSERT(cm_entry->x_src.len != 0); + srcaddr->buf = kmem_alloc(cm_entry->x_src.len, KM_SLEEP); - srcaddr->maxlen = srcaddr->len = - cm_entry->x_src.len; + srcaddr->maxlen = srcaddr->len = cm_entry->x_src.len; } bcopy(cm_entry->x_src.buf, srcaddr->buf, srcaddr->len); } @@ -2631,11 +2635,11 @@ queue_t *wq, struct netbuf *addr, int addrfmly, - calllist_t *e, - int *tidu_ptr, - bool_t reconnect, - const struct timeval *waitp, - bool_t nosignal, + calllist_t *e, + int *tidu_ptr, + bool_t reconnect, + const struct timeval *waitp, + bool_t nosignal, cred_t *cr) { mblk_t *mp;