Date: Fri, 20 Nov 2020 13:00:29 +0000 (UTC) From: Michael Tuexen <tuexen@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r367891 - head/sys/netinet Message-ID: <202011201300.0AKD0TDW046562@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: tuexen Date: Fri Nov 20 13:00:28 2020 New Revision: 367891 URL: https://svnweb.freebsd.org/changeset/base/367891 Log: Fix an issue I introuced in r367530: tcp_twcheck() can be called with to == NULL for SYN segments. So don't assume tp != NULL. Thanks to jhb@ for reporting and suggesting a fix. PR: 250499 MFC after: 1 week XMFC-with: r367530 Sponsored by: Netflix, Inc. Modified: head/sys/netinet/tcp_timewait.c Modified: head/sys/netinet/tcp_timewait.c ============================================================================== --- head/sys/netinet/tcp_timewait.c Fri Nov 20 12:31:02 2020 (r367890) +++ head/sys/netinet/tcp_timewait.c Fri Nov 20 13:00:28 2020 (r367891) @@ -374,6 +374,7 @@ tcp_twstart(struct tcpcb *tp) /* * Returns 1 if the TIME_WAIT state was killed and we should start over, * looking for a pcb in the listen state. Returns 0 otherwise. + * It be called with to == NULL only for pure SYN-segments. */ int tcp_twcheck(struct inpcb *inp, struct tcpopt *to, struct tcphdr *th, @@ -397,6 +398,8 @@ tcp_twcheck(struct inpcb *inp, struct tcpopt *to, stru goto drop; thflags = th->th_flags; + KASSERT(to != NULL || (thflags & (TH_SYN | TH_ACK)) == TH_SYN, + ("tcp_twcheck: called without options on a non-SYN segment")); /* * NOTE: for FIN_WAIT_2 (to be added later), @@ -411,16 +414,6 @@ tcp_twcheck(struct inpcb *inp, struct tcpopt *to, stru if (thflags & TH_RST) goto drop; - /* - * If timestamps were negotiated during SYN/ACK and a - * segment without a timestamp is received, silently drop - * the segment. - * See section 3.2 of RFC 7323. - */ - if (((to->to_flags & TOF_TS) == 0) && (tw->t_recent != 0)) { - goto drop; - } - #if 0 /* PAWS not needed at the moment */ /* @@ -454,6 +447,16 @@ tcp_twcheck(struct inpcb *inp, struct tcpopt *to, stru */ if ((thflags & TH_ACK) == 0) goto drop; + + /* + * If timestamps were negotiated during SYN/ACK and a + * segment without a timestamp is received, silently drop + * the segment. + * See section 3.2 of RFC 7323. + */ + if (((to->to_flags & TOF_TS) == 0) && (tw->t_recent != 0)) { + goto drop; + } /* * Reset the 2MSL timer if this is a duplicate FIN.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202011201300.0AKD0TDW046562>