[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) i
From: |
Guillaume du PONTAVICE |
Subject: |
[lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) in tcp_in.c:tcp_process |
Date: |
Fri, 23 Oct 2009 15:53:37 +0000 |
User-agent: |
Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729) |
Follow-up Comment #2, bug #27791 (project lwip):
Hi,
the TCP SYN packet is sent in
tcp_output_segment(seg, pcb); (line 588)
588: tcp_output_segment(seg, pcb);
589: snd_nxt = ntohl(seg->tcphdr->seqno) + TCP_TCPLEN(seg);
590: if (TCP_SEQ_LT(pcb->snd_nxt, snd_nxt)) {
591: pcb->snd_nxt = snd_nxt;
592: }
593: /* put segment on unacknowledged list if length > 0 */
594: if (TCP_TCPLEN(seg) > 0) {
595: seg->next = NULL;
596: /* unacked list is empty? */
597: if (pcb->unacked == NULL) {
598: pcb->unacked = seg;
599: useg = seg;
see stack trace below:
# 0 tcp_output_segment
# 1 ip_output
# 2 ip_output_if
# 3 netif->output
if you look at my stack trace, I have reached line 589 (the packet is sent),
the pb comes from the fact that pcb->unacked is set line 598.
=> if the TCP SYN ACK comes back before I reach line 598, then I have a pb.
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?27791>
_______________________________________________
Message posté via/par Savannah
http://savannah.nongnu.org/
- [lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) in tcp_in.c:tcp_process, Guillaume du PONTAVICE, 2009/10/23
- [lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) in tcp_in.c:tcp_process, Kieran Mansley, 2009/10/23
- [lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) in tcp_in.c:tcp_process,
Guillaume du PONTAVICE <=
- [lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) in tcp_in.c:tcp_process, Kieran Mansley, 2009/10/23
- [lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) in tcp_in.c:tcp_process, Guillaume du PONTAVICE, 2009/10/23
- [lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) in tcp_in.c:tcp_process, Simon Goldschmidt, 2009/10/23
- [lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) in tcp_in.c:tcp_process, Simon Goldschmidt, 2009/10/23
- [lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) in tcp_in.c:tcp_process, Guillaume du PONTAVICE, 2009/10/26
- [lwip-devel] [bug #27791] null pointer dereference (pcb->unacked == 0) in tcp_in.c:tcp_process, Simon Goldschmidt, 2009/10/26