Date:      Wed, 6 Jun 2018 21:23:42 +0000 (UTC)
From:      Michael Tuexen <tuexen@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org
Subject:   svn commit: r334737 - releng/11.2/sys/netinet
Message-ID:  <201806062123.w56LNgFi051796@repo.freebsd.org>

Author: tuexen
Date: Wed Jun  6 21:23:42 2018
New Revision: 334737
URL: https://svnweb.freebsd.org/changeset/base/334737

Log:
  MFstable/11 r334730
  
  Ensure net.inet.tcp.syncache.rexmtlimit is limited by TCP_MAXRXTSHIFT.
  
  If the sysctl variable is set to a value larger than TCP_MAXRXTSHIFT+1,
  the array tcp_syn_backoff[] is accessed out of bounds.
  
  Discussed with:	jtl@
  Approved by:	re (gjb)
  Sponsored by:	Netflix, Inc.

Modified:
  releng/11.2/sys/netinet/tcp_syncache.c
Directory Properties:
  releng/11.2/   (props changed)

Modified: releng/11.2/sys/netinet/tcp_syncache.c
==============================================================================
--- releng/11.2/sys/netinet/tcp_syncache.c	Wed Jun  6 20:32:39 2018	(r334736)
+++ releng/11.2/sys/netinet/tcp_syncache.c	Wed Jun  6 21:23:42 2018	(r334737)
@@ -175,8 +175,27 @@ SYSCTL_UINT(_net_inet_tcp_syncache, OID_AUTO, hashsize
     &VNET_NAME(tcp_syncache.hashsize), 0,
     "Size of TCP syncache hashtable");
 
-SYSCTL_UINT(_net_inet_tcp_syncache, OID_AUTO, rexmtlimit, CTLFLAG_VNET | CTLFLAG_RW,
+static int
+sysctl_net_inet_tcp_syncache_rexmtlimit_check(SYSCTL_HANDLER_ARGS)
+{
+	int error;
+	u_int new;
+
+	new = V_tcp_syncache.rexmt_limit;
+	error = sysctl_handle_int(oidp, &new, 0, req);
+	if ((error == 0) && (req->newptr != NULL)) {
+		if (new > TCP_MAXRXTSHIFT)
+			error = EINVAL;
+		else
+			V_tcp_syncache.rexmt_limit = new;
+	}
+	return (error);
+}
+
+SYSCTL_PROC(_net_inet_tcp_syncache, OID_AUTO, rexmtlimit,
+    CTLFLAG_VNET | CTLTYPE_UINT | CTLFLAG_RW,
     &VNET_NAME(tcp_syncache.rexmt_limit), 0,
+    sysctl_net_inet_tcp_syncache_rexmtlimit_check, "UI",
     "Limit on SYN/ACK retransmissions");
 
 VNET_DEFINE(int, tcp_sc_rst_sock_fail) = 1;
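
Review bot: The bound in sysctl_net_inet_tcp_syncache_rexmtlimit_check(), `if (new > TCP_MAXRXTSHIFT)`, does not match the commit log, which puts the out-of-bounds access at values larger than TCP_MAXRXTSHIFT+1; as written, a value of TCP_MAXRXTSHIFT+1 is rejected with EINVAL. If the stricter limit is intended, a short comment above the check stating how rexmt_limit relates to the index into tcp_syn_backoff[] would let a reader verify it; otherwise the comparison should be against TCP_MAXRXTSHIFT + 1. The handler also only validates values written through this sysctl, so any other place that assigns V_tcp_syncache.rexmt_limit (not visible in this hunk) needs the same bound for the array access to be safe.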


