kern/89752: [bpf] [patch] bpf_validate() needs to do more checks

Jung-uk Kim jkim at
Wed Dec 7 15:40:10 PST 2005

The following reply was made to PR kern/89752; it has been noted by GNATS.

From: Jung-uk Kim <jkim at>
To: Guy Harris <guy at>
Cc: bug-followup at
Subject: Re: kern/89752: [bpf] [patch] bpf_validate() needs to do more checks
Date: Wed, 7 Dec 2005 18:37:59 -0500

 On Wednesday 07 December 2005 06:11 pm, Guy Harris wrote:
 > On Dec 7, 2005, at 2:32 PM, Jung-uk Kim wrote:
 > > It looks good but `bpf_maxbufsize' may be unavailable to other
 > > consumers such as ng_bpf(4) and it doesn't make sense to them.
 > Then that check can probably be removed - OpenBSD's consumers might
 > all use bpf_maxbufsize, so it was OK for them, and it's just an
 > optimization anyway (as the comment says, a "More strict check with
 > actual packet length is done runtime").
 I found another problem.  BPF_MAXINSNS is tunable in FreeBSD and it is 
 not available to use for others.  If we remove the check also, 
 there's no difference from the previous implementation. :-(
 > (BTW, this was from OpenBSD; if you check it in, say it's from Otto
 > Moerbeek's changes to OpenBSD, do *NOT* give me direct credit for
 > it!)
 Thanks for letting us know.
 Jung-uk Kim

More information about the freebsd-bugs mailing list