Fix a couple of mbuf leaks introduced by r217242. I do

not believe that these leaks had a practical impact, since the situations in which they would have occurred would have been extremely rare. MFC after: 2 weeks
svn path=/head/; revision=220585
2011-04-13 00:03:49 +00:00 · 2011-04-13 00:03:49 +00:00 · 5e8eb3cd4e · 2020-12-20 02:59:44 +00:00
commit 5e8eb3cd4e
parent a7817c7ae5
2 changed files with 7 additions and 2 deletions
--- a/sys/rpc/clnt_dg.c
+++ b/sys/rpc/clnt_dg.c
@ -1086,11 +1086,13 @@ clnt_dg_soupcall(struct socket *so, void *arg, int waitflag)
 		/*
 		 * The XID is in the first uint32_t of the reply.
 		 */
-		if (m->m_len < sizeof(xid) && m_length(m, NULL) < sizeof(xid))
+		if (m->m_len < sizeof(xid) && m_length(m, NULL) < sizeof(xid)) {
 			/*
 			 * Should never happen.
 			 */
+			m_freem(m);
 			continue;
+		}

 		m_copydata(m, 0, sizeof(xid), (char *)&xid);
 		xid = ntohl(xid);
--- a/sys/rpc/clnt_vc.c
+++ b/sys/rpc/clnt_vc.c
@ -973,8 +973,11 @@ clnt_vc_soupcall(struct socket *so, void *arg, int waitflag)
 				 * the reply.
 				 */
 				if (ct->ct_record->m_len < sizeof(xid) &&
-				    m_length(ct->ct_record, NULL) < sizeof(xid))
+				    m_length(ct->ct_record, NULL) <
+				    sizeof(xid)) {
+					m_freem(ct->ct_record);
 					break;
+				}
 				m_copydata(ct->ct_record, 0, sizeof(xid),
 				    (char *)&xid);
 				xid = ntohl(xid);