Commit 5e28599a authored by Gerrit Renker's avatar Gerrit Renker Committed by David S. Miller

[CCID2]: Sequence number wraparound issues

This replaces several uses of standard arithmetic with the DCCP
sequence number arithmetic functions. The problem here is that the
sequence number wrap-around was not taken into consideration.

 * Condition "seqp->ccid2s_seq <= prev->ccid2s_seq" has been replaced
   by

   	dccp_delta_seqno(seqp->ccid2s_seq, prev->ccid2s_seq) >= 0

   since if seqp is `before' prev, then the delta_seqno() is positive.

 * The test whether sequence numbers `a' and `b' are consecutive has
   the form

   	dccp_delta_seqno(a, b) == 1

 * Increment of ccid2hctx_rpseq could be done using dccp_inc_seqno(),
   but since here the incremented ccid2hctx_rpseq == seqno, used
   assignment instead.
Signed-off-by: default avatarGerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 6c583248
...@@ -59,7 +59,8 @@ static void ccid2_hc_tx_check_sanity(const struct ccid2_hc_tx_sock *hctx) ...@@ -59,7 +59,8 @@ static void ccid2_hc_tx_check_sanity(const struct ccid2_hc_tx_sock *hctx)
pipe++; pipe++;
/* packets are sent sequentially */ /* packets are sent sequentially */
BUG_ON(seqp->ccid2s_seq <= prev->ccid2s_seq); BUG_ON(dccp_delta_seqno(seqp->ccid2s_seq,
prev->ccid2s_seq ) >= 0);
BUG_ON(time_before(seqp->ccid2s_sent, BUG_ON(time_before(seqp->ccid2s_sent,
prev->ccid2s_sent)); prev->ccid2s_sent));
...@@ -562,8 +563,8 @@ static void ccid2_hc_tx_packet_recv(struct sock *sk, struct sk_buff *skb) ...@@ -562,8 +563,8 @@ static void ccid2_hc_tx_packet_recv(struct sock *sk, struct sk_buff *skb)
hctx->ccid2hctx_rpseq = seqno; hctx->ccid2hctx_rpseq = seqno;
} else { } else {
/* check if packet is consecutive */ /* check if packet is consecutive */
if ((hctx->ccid2hctx_rpseq + 1) == seqno) if (dccp_delta_seqno(hctx->ccid2hctx_rpseq, seqno) == 1)
hctx->ccid2hctx_rpseq++; hctx->ccid2hctx_rpseq = seqno;
/* it's a later packet */ /* it's a later packet */
else if (after48(seqno, hctx->ccid2hctx_rpseq)) { else if (after48(seqno, hctx->ccid2hctx_rpseq)) {
hctx->ccid2hctx_rpdupack++; hctx->ccid2hctx_rpdupack++;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment