]> CyberLeo.Net >> Repos - FreeBSD/stable/10.git/commit
projects / FreeBSD / stable / 10.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a94d52b) | patch
MFC r307551:
authorjch <jch@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Tue, 25 Oct 2016 12:58:36 +0000 (12:58 +0000)
committerjch <jch@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Tue, 25 Oct 2016 12:58:36 +0000 (12:58 +0000)
commitbe87a37d7adcc29dc725badd3f306af99d79c5dc
treed2bc5fed5e991a1f8c82f1f5cc3831bb655abb41tree | snapshot
parenta94d52b2a25e644844607ebee04ffa5cea513d48commit | diff
MFC r307551:

Fix a double-free when an inp transitions to INP_TIMEWAIT state
after having been dropped.

This change enforces in_pcbdrop() logic in tcp_input():

"in_pcbdrop() is used by TCP to mark an inpcb as unused and avoid future packet
delivery or event notification when a socket remains open but TCP has closed."

PR: 203175
Reported by: Palle Girgensohn, Slawa Olhovchenkov
Tested by: Slawa Olhovchenkov
Reviewed by: Slawa Olhovchenkov
Approved by: gnn, Slawa Olhovchenkov
Differential Revision: https://reviews.freebsd.org/D8211
Sponsored by: Verisign, inc

git-svn-id: svn://svn.freebsd.org/base/stable/10@307906 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
sys/netinet/tcp_input.c diff | blob | history
sys/netinet/tcp_timewait.c diff | blob | history
sys/netinet/tcp_usrreq.c diff | blob | history
10-STABLE