Page MenuHomeFreeBSD
Differential D35428

tcp: remove goto and address another NULL deref in SACK
ClosedPublic
Actions

Authored by rscheff on Jun 8 2022, 6:44 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Apr 30, 2:15 AM
Unknown Object (File)
Tue, Apr 30, 2:15 AM
Unknown Object (File)
Tue, Apr 30, 2:15 AM
Unknown Object (File)
Tue, Apr 30, 1:48 AM
Unknown Object (File)
Mon, Apr 29, 7:33 PM
Unknown Object (File)
Fri, Apr 26, 5:54 AM
Unknown Object (File)
Sat, Apr 6, 5:34 PM
Unknown Object (File)
Jan 17 2024, 1:02 AM
View All 32 Files
Subscribers
glebius
hselasky
imp
melifaro
Contributor Reviews (src)

Details

Reviewers
hselasky
Group Reviewers
transport
Commits
rGce2525c8108a: tcp: remove goto and address another NULL deref in SACK
Summary

Missed another NULL dereference during KASSERTS after traversing
the scoreboard. While at it, scratch the goto by making the
traversal conditional.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

rscheff created this revision.Jun 8 2022, 6:44 AM
Herald added a reviewer: transport. · View Herald TranscriptJun 8 2022, 6:44 AM
Herald added subscribers: Contributor Reviews (src), glebius, melifaro, imp. · View Herald Transcript
rscheff requested review of this revision.Jun 8 2022, 6:44 AM
Harbormaster completed remote builds in B45902: Diff 106753.Jun 8 2022, 6:44 AM
hselasky added a subscriber: hselasky.Jun 8 2022, 7:03 AM
hselasky added inline comments.
sys/netinet/tcp_sack.c
971–972

The NULL check should be inside the if (SEQ_GEQ()).

hselasky added inline comments.Jun 8 2022, 7:05 AM
sys/netinet/tcp_sack.c
962

I would just write the code like this:

for (;;) {
hole = TAILQ_NEXT(hole, scblink);
if (hole == NULL)
return (hole);
if ....
   break;
}
962

To avoid duplicated NULL checks.

rscheff updated this revision to Diff 106754.Jun 8 2022, 7:11 AM
  • unconditional loop, with checks inside
Harbormaster completed remote builds in B45903: Diff 106754.Jun 8 2022, 7:11 AM
rscheff marked 3 inline comments as done.Jun 8 2022, 7:12 AM
hselasky accepted this revision.Jun 8 2022, 7:15 AM

Looks good!

This revision was not accepted when it landed; it landed in state Needs Review.Jun 8 2022, 7:39 AM
Closed by commit rGce2525c8108a: tcp: remove goto and address another NULL deref in SACK (authored by rscheff). · Explain Why
This revision was automatically updated to reflect the committed changes.
rscheff added a commit: rGce2525c8108a: tcp: remove goto and address another NULL deref in SACK.

Revision Contents
Changeset List

PathSize
sys/
netinet/
16 lines

Diff 106756

View Options

sys/netinet/tcp_sack.c

Loading...