diff options
author | Florin Coras <fcoras@cisco.com> | 2019-06-28 09:18:48 -0700 |
---|---|---|
committer | Dave Wallace <dwallacelf@gmail.com> | 2019-06-28 17:54:49 +0000 |
commit | f73d4c2084c9cb6df4a1f8582acef523e4ba0cb2 (patch) | |
tree | 00a74ad514896a4652e8f4901c9db93dc55918c1 /src | |
parent | 182bbc1c5ab3d8607153dd19f0a24baaf5cbfc88 (diff) |
tcp: reject out-of-order fins
Type:fix
Change-Id: Iab2c308739f7733dbf70953e0ea87dcc404c60da
Signed-off-by: Florin Coras <fcoras@cisco.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/vnet/tcp/tcp_input.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/vnet/tcp/tcp_input.c b/src/vnet/tcp/tcp_input.c index 23030ee77d2..848028f6940 100644 --- a/src/vnet/tcp/tcp_input.c +++ b/src/vnet/tcp/tcp_input.c @@ -1698,6 +1698,10 @@ static void tcp_rcv_fin (tcp_worker_ctx_t * wrk, tcp_connection_t * tc, vlib_buffer_t * b, u32 * error) { + /* Reject out-of-order fins */ + if (vnet_buffer (b)->tcp.seq_end != tc->rcv_nxt) + return; + /* Account for the FIN and send ack */ tc->rcv_nxt += 1; tcp_program_ack (wrk, tc); |