From 4ac0580aa0cc6eea0352e8f0a5d7637f9a977c03 Mon Sep 17 00:00:00 2001 From: kieranm Date: Fri, 13 Jul 2007 12:24:32 +0000 Subject: [PATCH] 2007-07-13 Kieran Mansley * src/core/tcp_in.c Apply patch#5741 from Oleg Tyshev to fix bug in out of sequence processing of received packets --- CHANGELOG | 8 ++++++++ src/core/tcp_in.c | 9 +++++++++ 2 files changed, 17 insertions(+) diff --git a/CHANGELOG b/CHANGELOG index 6597dee0..301fc87a 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -241,6 +241,10 @@ HISTORY ++ Bug fixes: + 2007-07-13 Kieran Mansley + * src/core/tcp_in.c Apply patch#5741 from Oleg Tyshev to fix bug in + out of sequence processing of received packets + 2007-07-03 Simon Goldschmidt * nearly-all-files: Added assertions where PBUF_RAM pbufs are used and an assumption is made that this pbuf is in one piece (i.e. not chained). These @@ -429,6 +433,10 @@ HISTORY 2007-04-12 Jonathan Larmour * icmp.c: Reset IP header TTL in ICMP ECHO responses (bug #19580). + 2007-04-12 Kieran Mansley + * tcp.c, tcp_in.c, tcp_out.c, tcp.h: Modify way the retransmission + timer is reset to fix bug#19434, with help from Oleg Tyshev. + 2007-04-11 Simon Goldschmidt * etharp.c, pbuf.c, pbuf.h: 3rd fix for bug #11400 (arp-queuing): More pbufs than previously thought need to be copied (everything but PBUF_ROM!). Cleaned up diff --git a/src/core/tcp_in.c b/src/core/tcp_in.c index c7aa39f2..38c39743 100644 --- a/src/core/tcp_in.c +++ b/src/core/tcp_in.c @@ -1113,6 +1113,15 @@ tcp_receive(struct tcp_pcb *pcb) pcb->ooseq = cseg; } } + tcp_seg_free(next); + if (cseg->next != NULL) { + next = cseg->next; + if (TCP_SEQ_GT(seqno + cseg.len, next->tcphdr->seqno)) { + /* We need to trim the incoming segment. */ + cseg.len = next->tcphdr->seqno - seqno; + pbuf_realloc(cseg.p, cseg.len); + } + } break; } else { /* Either the lenghts are the same or the incoming