Author: delphij
Date: Tue Sep 16 09:48:35 2014
New Revision: 271667
URL: http://svnweb.freebsd.org/changeset/base/271667
Log:
Fix Denial of Service in TCP packet processing.
Security: FreeBSD-SA-14:19.tcp
Approved by: re (implicit, security advisory)
Modified:
stable/10/sys/netinet/tcp_input.c
Modified: stable/10/sys/netinet/tcp_input.c
==============================================================================
--- stable/10/sys/netinet/tcp_input.c Tue Sep 16 09:48:24 2014
(r271666)
+++ stable/10/sys/netinet/tcp_input.c Tue Sep 16 09:48:35 2014
(r271667)
@@ -2176,11 +2176,7 @@ tcp_do_segment(struct mbuf *m, struct tc
todrop = tp->rcv_nxt - th->th_seq;
if (todrop > 0) {
- /*
- * If this is a duplicate SYN for our current connection,
- * advance over it and pretend and it's not a SYN.
- */
- if (thflags & TH_SYN && th->th_seq == tp->irs) {
+ if (thflags & TH_SYN) {
thflags &= ~TH_SYN;
th->th_seq++;
if (th->th_urp > 1)
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
