Fix Denial of Service in TCP packet processing.

Security: FreeBSD-SA-14:19.tcp Approved by: re (implicit, security advisory)
author: delphij <delphij@FreeBSD.org> 2014-09-16 09:48:35 +0000
committer: delphij <delphij@FreeBSD.org> 2014-09-16 09:48:35 +0000
commit: f7baec35a31fd33585a0d97ca1c8166a3a9873b8 (patch)
tree: e84cbd20e63f700273fb3071437b316765717c27 /sys/netinet
parent: 4f02bb3b6b1f0cd64fdf90db819bdf04b6e2045b (diff)
download: FreeBSD-src-f7baec35a31fd33585a0d97ca1c8166a3a9873b8.zip
FreeBSD-src-f7baec35a31fd33585a0d97ca1c8166a3a9873b8.tar.gz
1 files changed, 1 insertions, 5 deletions
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index 737e88a..d8d550a 100644
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -2176,11 +2176,7 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, struct socket *so,
 
 	todrop = tp->rcv_nxt - th->th_seq;
 	if (todrop > 0) {
-		/*
-		 * If this is a duplicate SYN for our current connection,
-		 * advance over it and pretend and it's not a SYN.
-		 */
-		if (thflags & TH_SYN && th->th_seq == tp->irs) {
+		if (thflags & TH_SYN) {
 			thflags &= ~TH_SYN;
 			th->th_seq++;
 			if (th->th_urp > 1)
author	delphij <delphij@FreeBSD.org>	2014-09-16 09:48:35 +0000
committer	delphij <delphij@FreeBSD.org>	2014-09-16 09:48:35 +0000
commit	f7baec35a31fd33585a0d97ca1c8166a3a9873b8 (patch)
tree	e84cbd20e63f700273fb3071437b316765717c27 /sys/netinet
parent	4f02bb3b6b1f0cd64fdf90db819bdf04b6e2045b (diff)
download	FreeBSD-src-f7baec35a31fd33585a0d97ca1c8166a3a9873b8.zip FreeBSD-src-f7baec35a31fd33585a0d97ca1c8166a3a9873b8.tar.gz