Mercurial > illumos > illumos-gate
changeset 13496:732144cfe2ef
1695 tcp_icmp_input sends packets with a closed connection
Reviewed by: Bryan Cantrill <bryan@joyent.com>
Reviewed by: Richard Lowe <richlowe@richlowe.net>
Reviewed by: Dan McDonald <danmcd@nexenta.com>
Reviewed by: Garrett D'Amore <garrett@nexenta.com>
Approved by: Richard Lowe <richlowe@richlowe.net>
author | Robert Mustacchi <rm@joyent.com> |
---|---|
date | Fri, 28 Oct 2011 20:17:44 -0400 |
parents | 4ac8112a8e30 |
children | 205481e35e49 |
files | usr/src/uts/common/inet/tcp/tcp_input.c |
diffstat | 1 files changed, 11 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/uts/common/inet/tcp/tcp_input.c Sun May 15 23:44:52 2011 +0100 +++ b/usr/src/uts/common/inet/tcp/tcp_input.c Fri Oct 28 20:17:44 2011 -0400 @@ -22,6 +22,7 @@ /* * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. * Copyright 2011 Nexenta Systems, Inc. All rights reserved. + * Copyright (c) 2011 Joyent, Inc. All rights reserved. */ /* This file contains all TCP input processing functions. */ @@ -5536,6 +5537,16 @@ ASSERT((MBLKL(mp) >= sizeof (ipha_t))); /* + * It's possible we have a closed, but not yet destroyed, TCP + * connection. Several fields (e.g. conn_ixa->ixa_ire) are invalid + * in the closed state, so don't take any chances and drop the packet. + */ + if (tcp->tcp_state == TCPS_CLOSED) { + freemsg(mp); + return; + } + + /* * Verify IP version. Anything other than IPv4 or IPv6 packet is sent * upstream. ICMPv6 is handled in tcp_icmp_error_ipv6. */