From nobody Wed Jun 08 07:39:14 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 8A0AD832D39; Wed, 8 Jun 2022 07:39:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LHzcy3Qztz4YBH; Wed, 8 Jun 2022 07:39:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1654673954; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oVdl9uhxpJpO/YV2+CuvytqKusgs7eBbNR7n1ofKm8I=; b=qhSu6aNTvF2FqyAcFnSMMfoIyQn9xED0abHxk9tlLzq1cdmG/jWOJw9Wfl4H+WD0GQ2FVh dOihJpJr2xrdAc0CqROcQoti/llii2IegTtIEKV+qu1OLZY5BAlKSEyfE1z/wVLAogZBv1 PwkZQPXM4iohwQ30yfsHBL5L1BeCyGTA5w8ZrgJnwDS5H4aLwzqFVkagaC4aMkP7EihlfZ aM1EmFbJqtRffNt8x+20mc7bQhZFh0XaOUVFHQ8/MgCTOxMCa3WGyTR9xsbVak2KK8Z4Ks r+qH/ZDcpqOocpQjRht2uJUETVHG3NO6ba2gsH2sH0n82yNSNruh/wu5LElY4A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 564D13656; Wed, 8 Jun 2022 07:39:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2587dEPH014066; Wed, 8 Jun 2022 07:39:14 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2587dEhT014065; Wed, 8 Jun 2022 07:39:14 GMT (envelope-from git) Date: Wed, 8 Jun 2022 07:39:14 GMT Message-Id: <202206080739.2587dEhT014065@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Richard Scheffenegger Subject: git: ce2525c8108a - main - tcp: remove goto and address another NULL deref in SACK List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rscheff X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: ce2525c8108a830d08d75771621d1bc580edd82c Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1654673954; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oVdl9uhxpJpO/YV2+CuvytqKusgs7eBbNR7n1ofKm8I=; b=PxwN2FVGW/BkCYYkX0dMcSCuhJCenSLYLvEie6SMUwqTEqdVskylN7lg95f+MjjD8J2jef OxLQ8lkivEflwi4d4aks6TNCxbQ2QTy873F2PqipDI0dr0SKO2q9nY7reIjl/L7KIyCfzl GfVx85ZtiVhRkBHoGHF+s/C4iYyCmfrYN03EtoYAow9V/Wtt4wQWs904cG4RJKhRN4mHgx 930XU9guzGj3+9ydOOQ4P4hRJd7hqmz82Qf2XGIimx7ysbU/IilklwWkOfEsfVT72rFSCv qKctAZ1up+O0/hrwemTKYCOh3UmS6BDs6JnyF1uQW0b83VRcZM1x7U+v0JNYRg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1654673954; a=rsa-sha256; cv=none; b=NMOmw5iBxAzOUgflDGEEzFJN2NB0MoRYZnBQlF4AzB3zhWOOBjjvr8EVq9VqyqVVKX0QSg k8pID8o4Y4X0xVDDW1afeYTZNwA9aeXHC3ai97ZGApyg8fV/E73nk1UllaNFlKHkzEeSVK aGAkI8EM7s/0UfNBksS0gyMcOKf7KQs035mAOkk95oGonqCiqJ0ojca+UQyk7UmAzRhUmi nEsRpwYUsvz4uMwxy/8UDYCeGPFaGJyu3EgU4nTGpQfaw2SJvEOh4oR0jNLDVk3+A1gPTY +ZXVKf48gwgV9W2cBzy2e9quMx6FcWn0sFnC5/0U6OqQP0pm/EoUCxPQcAqzEQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by rscheff: URL: https://cgit.FreeBSD.org/src/commit/?id=ce2525c8108a830d08d75771621d1bc580edd82c commit ce2525c8108a830d08d75771621d1bc580edd82c Author: Richard Scheffenegger AuthorDate: 2022-06-08 07:14:16 +0000 Commit: Richard Scheffenegger CommitDate: 2022-06-08 07:18:32 +0000 tcp: remove goto and address another NULL deref in SACK Missed another NULL dereference during KASSERTS after traversing the scoreboard. While at it, scratch the goto by making the traversal conditional, and remove duplicate checks using an unconditional loop with all checks inside. Reviewed By: hselasky PR: 263445 MFC after: 1 week Sponsored by: NetApp, Inc. Differential Revision: https://reviews.freebsd.org/D35428 --- sys/netinet/tcp_sack.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/sys/netinet/tcp_sack.c b/sys/netinet/tcp_sack.c index 273d56c510e2..97f9f6546ca9 100644 --- a/sys/netinet/tcp_sack.c +++ b/sys/netinet/tcp_sack.c @@ -958,15 +958,17 @@ tcp_sack_output(struct tcpcb *tp, int *sack_bytes_rexmt) hole = tp->sackhint.nexthole; if (hole == NULL) return (hole); - if (SEQ_LT(hole->rxmit, hole->end)) - goto out; - while ((hole = TAILQ_NEXT(hole, scblink)) != NULL) { - if (SEQ_LT(hole->rxmit, hole->end)) { - tp->sackhint.nexthole = hole; - break; + if (SEQ_GEQ(hole->rxmit, hole->end)) { + for (;;) { + hole = TAILQ_NEXT(hole, scblink); + if (hole == NULL) + return (hole); + if (SEQ_LT(hole->rxmit, hole->end)) { + tp->sackhint.nexthole = hole; + break; + } } } -out: KASSERT(SEQ_LT(hole->start, hole->end), ("%s: hole.start >= hole.end", __func__)); KASSERT(SEQ_LT(hole->start, tp->snd_fack), ("%s: hole.start >= snd.fack", __func__)); KASSERT(SEQ_LT(hole->end, tp->snd_fack), ("%s: hole.end >= snd.fack", __func__));