Date: Sat, 22 Nov 1997 17:26:05 +1100 (EDT) From: Darren Reed <avalon@coombs.anu.edu.au> To: Don.Lewis@tsc.tdk.com (Don Lewis) Cc: Don.Lewis@tsc.tdk.com, jas@flyingfox.com, robert@cyrus.watson.org, security@FreeBSD.ORG Subject: Re: new TCP/IP bug in win95 (fwd)g Message-ID: <199711220627.WAA16372@hub.freebsd.org> In-Reply-To: <199711220037.QAA16107@salsa.gv.tsc.tdk.com> from "Don Lewis" at Nov 21, 97 04:37:17 pm
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Don Lewis, sie said: > > I like the following patch better since it is both smaller and doesn't > require investigating all the different possible relationships between > sequence numbers. Comments? > > --- tcp_input.c.prev Fri Nov 21 04:34:51 1997 > +++ tcp_input.c Fri Nov 21 16:32:10 1997 > @@ -752,6 +752,18 @@ > } > > /* > + * If the state is SYN_RCVD: > + * If seg contains a SYN,ACK, then drop it and send a RST. > + * We should only ever get an ACK or a duplicate SYN (if our > + * SYN,ACK was lost) in this state. > + * Otherwise continue processing > + */ > + case TCPS_SYN_RECEIVED: > + if ((tiflags & (TH_SYN|TH_ACK)) == (TH_SYN|TH_ACK)) > + goto dropwithreset; > + break; /* continue normal processing */ > + > + /* > * If the state is SYN_SENT: > * if seg contains an ACK, but not for our SYN, drop the input. > * if seg contains a RST, then drop the connection. Hmmm, "doesn't require" checking seq/ack #'s ? The seq/ack numbers make up 66% of the validation that a TCP packet is part of an active stream. The other 33% is the source and destination port.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199711220627.WAA16372>