mirror of https://github.com/cesanta/mongoose.git synced 2025-01-14 01:38:01 +08:00

Go to file

Deomid Ryabkov 44b15b76f7 Fix leaking non-active (e.g., bound) LWIP TCP PCBs

tcp_close_tcpip() only closed active TCP PCBs, leaking other types of TCP PCBs
(notably bound only, not yet connected/used).  With time, this led to DoS
situations.

Fix by giving up on the hacky way of searching the LWIP innards for the TCP PCB
needing closing.  The searching was non-comprehensive, hence the problem in
principle, and inherently racy: could close a meanwhile freed & reused PCB.

Pass the pointer to the struct mg_lwip_conn_state of the struct mg_connection
being destroyed to tcp_close_tcpip() instead of the bare PCB pointer, so the PCB
pointer stored within can be used.  Delay unassigning that pointer from the
struct mg_connection until tcp_close_tcpip() finishes, so that
a mg_lwip_tcp_error_cb() meanwhile can clear the PCB pointer stored within.
That ensures no double-closing of the TCP PCB when a concurrent TCP error makes
LWIP close the TCP PCB from the LWIP side.

NB!  At the moment, PCBs can still leak if tcp_close() fails, which is unlikely
but possible as per the API.  Retrying tcp_close() should somehow be
implemented.  For now, at least add logging of tcp_close() failures.

Also: remove the extraneous though benign double-calling of tcp_arg(…, NULL).

h/t @QRPp

2022-09-27 09:20:15 +01:00

docs

Make it possible to override default FS update algorithm

2020-06-11 18:27:48 +01:00

examples

Add http proxy client example

2020-03-25 16:32:49 +00:00

jni

!): Fix for compile error in Android.

2016-07-06 14:50:08 +08:00

src

Fix leaking non-active (e.g., bound) LWIP TCP PCBs