[Bug 209475] pf didn't check if enough free RAM for net.pf.states_hashsize
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Jan 17 10:46:50 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=209475
--- Comment #17 from Kristof Provost <kp at freebsd.org> ---
(In reply to fehmi noyan isi from comment #16)
Yes, absolutely. The potential for integer overflow is a separate issue.
I wouldn't try check_if_we_have_enough_memory() though. Memory allocation is
very complicated and it's basically impossible to predict if there'd be enough
free memory to satisfy a request without actually doing it. Moreover, it'd
always be susceptible to races.
I'd try to allocate the requested size with malloc(size * sizeof(foo),
M_NOWAIT). If that fails we can fall back on malloc(DEFAULT_SIZE * sizeof(foo),
M_WAITOK). Even that allocation might block forever, but at that point the
system is so low on memory that we'll be in all sorts of trouble.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-pf
mailing list