diff options
author | Eric Dumazet <edumazet@google.com> | 2015-11-26 08:18:14 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2015-11-30 15:34:17 -0500 |
commit | 142a2e7ece8d8ac0e818eb2c91f99ca894730e2a (patch) | |
tree | 5450f107e0d9bec8edd1b7857b8a38b43175c9dc /lib/fdt.c | |
parent | 0f2c0d32e6536ad39c3e9589d42c53d0ee3bfa08 (diff) | |
download | op-kernel-dev-142a2e7ece8d8ac0e818eb2c91f99ca894730e2a.zip op-kernel-dev-142a2e7ece8d8ac0e818eb2c91f99ca894730e2a.tar.gz |
tcp: initialize tp->copied_seq in case of cross SYN connection
Dmitry provided a syzkaller (http://github.com/google/syzkaller)
generated program that triggers the WARNING at
net/ipv4/tcp.c:1729 in tcp_recvmsg() :
WARN_ON(tp->copied_seq != tp->rcv_nxt &&
!(flags & (MSG_PEEK | MSG_TRUNC)));
His program is specifically attempting a Cross SYN TCP exchange,
that we support (for the pleasure of hackers ?), but it looks we
lack proper tcp->copied_seq initialization.
Thanks again Dmitry for your report and testings.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Tested-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'lib/fdt.c')
0 files changed, 0 insertions, 0 deletions