net/tcp: Fix clear condition in ofoseg input #9041
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Fix clear condition in TCP ofoseg input (when receiving an out-of-ordered ACK)
We have a case that an http server gives out-of-ordered ACKs, and NuttX client makes
ofoseg
s with length 0, trying to rebuild / put them intoofosegs
array, which is not intended (no available data and should be skipped). This breaks later logic and finally crashed intcp_ofoseg_bufsize
(ofosegs[i].data
isNULL
, which should never happen in normal logic).Note:
iob_trimhead
won't returnNULL
when it's applying on normal IOB.dev->d_iob == NULL
to avoidiob_trimhead
changed.iob_free_chain
will do nothing when applied toNULL
.Patch also included:
ofosegs[i].data
becomeNULL
intcp_ofoseg_bufsize
when there are severalofoseg
s with length 0.Impact
TCP Out-of-order segment process, especially when receiving an out-of-ordered ACK.
Testing
Manually.