path: root/sys/netipsec
diff options
authorAlexander V. Chernikov <melifaro@FreeBSD.org>2021-02-07 17:21:18 +0000
committerAlexander V. Chernikov <melifaro@FreeBSD.org>2021-02-08 21:42:20 +0000
commit4a01b854ca5c2e5124958363b3326708b913af71 (patch)
tree466705011527e1d00e89597d5d3b60854ca7d8c3 /sys/netipsec
parentd8c6d4c7321d4c969216bda8f792b45ed00afd64 (diff)
SO_RERROR indicates that receive buffer overflows should be handled as errors.
Historically receive buffer overflows have been ignored and programs could not tell if they missed messages or messages had been truncated because of overflows. Since programs historically do not expect to get receive overflow errors, this behavior is not the default. This is really really important for programs that use route(4) to keep in sync with the system. If we loose a message then we need to reload the full system state, otherwise the behaviour from that point is undefined and can lead to chasing bogus bug reports.
Diffstat (limited to 'sys/netipsec')
1 files changed, 5 insertions, 5 deletions
diff --git a/sys/netipsec/keysock.c b/sys/netipsec/keysock.c
index 49efa0a3c510..7a0b9e757022 100644
--- a/sys/netipsec/keysock.c
+++ b/sys/netipsec/keysock.c
@@ -141,7 +141,6 @@ end:
static int
key_sendup0(struct rawcb *rp, struct mbuf *m, int promisc)
- int error;
if (promisc) {
struct sadb_msg *pmsg;
@@ -165,11 +164,12 @@ key_sendup0(struct rawcb *rp, struct mbuf *m, int promisc)
m, NULL)) {
- error = ENOBUFS;
- } else
- error = 0;
+ soroverflow(rp->rcb_socket);
+ return ENOBUFS;
+ }
- return error;
+ return 0;
/* so can be NULL if target != KEY_SENDUP_ONE */