On Mon, 31 Jan 2005, 13:14-0000, Robert Watson wrote:

>
> On Mon, 31 Jan 2005, Maxim Konovalov wrote:
>
> > > The locking in the 6.x version looked reasonable, although you need to
> > > check to see if the (tp) returned by tcp_drop() is NULL or not and then
> > > conditionally unlock the inpcb if it's non-NULL -- otherwise you might
> > > unlock a free'd inpcb. There doesn't seem to be much validation of the
> > > tcp_ident_mapping structure, such as validation that the address lengths,
> > > etc, are correct?
> >
> > I've updated the diff for HEAD. How does it look now? TIA!
>
> The locking needs slightly more tweaking -- note that you still need to
> unlock (inp) if (tp = intotcpcb(inp)) returns NULL, and right now that
> won't happen. The "check tp for NULL" unlock case should only occur if
> you call tcp_drop(). Perhaps something like this:
>
>     INP_LOCK(inp);
>     if ((tp = intotcpcb(inp)) &&
>         ((inp->inp_socket->so_options & SO_ACCEPTCONN) == 0)) {
>             tp = tcp_drop(tp, ECONNABORTED);
>             if (tp != NULL)
>                     INP_UNLOCK(inp);
>     } else
>             INP_UNLOCK(inp);

I see, updated. Thanks!

-- 
Maxim Konovalov

Received on Mon Jan 31 2005 - 12:42:55 UTC
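
The locking rule discussed in this message, as an added user-space model that is not part of the original thread and not FreeBSD code: the lock is released exactly once on every path and is never touched after the drop has freed the object. The `pcb` struct, `model_drop()` and the `free_on_drop` flag are hypothetical stand-ins for the inpcb, `tcp_drop()` and its "returned NULL" case.

```c
#include <stdbool.h>
#include <stdlib.h>

/* User-space model; every name here is a hypothetical stand-in, not kernel code. */
struct pcb {
    bool locked;
    bool has_tp;       /* models intotcpcb(inp) != NULL */
    bool listening;    /* models SO_ACCEPTCONN set on the socket */
    bool free_on_drop; /* assumption: this drop tears the pcb down */
};

static int locks_held; /* lock operations still outstanding on live pcbs */

static struct pcb *pcb_new(bool has_tp, bool listening, bool free_on_drop) {
    struct pcb *p = calloc(1, sizeof(*p));
    if (p == NULL)
        abort();
    p->has_tp = has_tp;
    p->listening = listening;
    p->free_on_drop = free_on_drop;
    return p;
}

static void pcb_lock(struct pcb *p)   { p->locked = true;  locks_held++; }
static void pcb_unlock(struct pcb *p) { p->locked = false; locks_held--; }

/* Models tcp_drop(): NULL means the pcb, and its lock, no longer exist. */
static struct pcb *model_drop(struct pcb *p) {
    if (!p->free_on_drop)
        return p;
    pcb_unlock(p);
    free(p);
    return NULL;
}

/* Same shape as the suggested locking; returns true if a drop was attempted. */
static bool drop_connection(struct pcb *p) {
    pcb_lock(p);
    if (p->has_tp && !p->listening) {
        if (model_drop(p) != NULL)
            pcb_unlock(p);  /* pcb survived the drop: still ours to unlock */
        return true;
    }
    pcb_unlock(p);          /* nothing dropped: the lock must still be released */
    return false;
}

int main(void) {
    bool dropped = drop_connection(pcb_new(true, false, true));
    return (dropped && locks_held == 0) ? 0 : 1;
}
```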