mirror of
https://github.com/lwip-tcpip/lwip.git
synced 2024-12-28 18:16:13 +00:00
Added check to prevent tcp_pcb->snd_queuelen from overflowing.
This commit is contained in:
parent
af71292aba
commit
6c3c184bc7
@ -238,6 +238,9 @@ HISTORY
|
||||
|
||||
++ Bug fixes:
|
||||
|
||||
2007-06-28 Simon Goldschmidt
|
||||
* tcp_out.c: Added check to prevent tcp_pcb->snd_queuelen from overflowing.
|
||||
|
||||
2007-06-28 Simon Goldschmidt
|
||||
* tcp.h: Fixed bug #20287: Fixed nagle algorithm (sending was done too early if
|
||||
a segment contained chained pbufs)
|
||||
|
@ -158,7 +158,8 @@ tcp_enqueue(struct tcp_pcb *pcb, void *arg, u16_t len,
|
||||
/* If total number of pbufs on the unsent/unacked queues exceeds the
|
||||
* configured maximum, return an error */
|
||||
queuelen = pcb->snd_queuelen;
|
||||
if (queuelen >= TCP_SND_QUEUELEN) {
|
||||
/* check for configured max queuelen and possible overflow of u8_t */
|
||||
if ((queuelen >= TCP_SND_QUEUELEN) || (queuelen > 253)) {
|
||||
LWIP_DEBUGF(TCP_OUTPUT_DEBUG | 3, ("tcp_enqueue: too long queue %"U16_F" (max %"U16_F")\n", queuelen, TCP_SND_QUEUELEN));
|
||||
TCP_STATS_INC(tcp.memerr);
|
||||
return ERR_MEM;
|
||||
@ -261,7 +262,8 @@ tcp_enqueue(struct tcp_pcb *pcb, void *arg, u16_t len,
|
||||
|
||||
/* Now that there are more segments queued, we check again if the
|
||||
length of the queue exceeds the configured maximum. */
|
||||
if (queuelen > TCP_SND_QUEUELEN) {
|
||||
/* check for configured max queuelen and possible overflow of u8_t */
|
||||
if ((queuelen > TCP_SND_QUEUELEN) || (queuelen > 253)) {
|
||||
LWIP_DEBUGF(TCP_OUTPUT_DEBUG | 2, ("tcp_enqueue: queue too long %"U16_F" (%"U16_F")\n", queuelen, TCP_SND_QUEUELEN));
|
||||
goto memerr;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user