Hi, all experts: I find a suspect point in function of sctp_process_a_data_chunk in all FreeBSD branches.for example:Line 1900 of sctp_indata: (asoc->strmin[strmno].last_sequence_delivered + 1) == strmseqThis is a logical judgement sentence.last_sequence_delivered is unsigned short type, strmseq is also.there is a problem: if last_sequence_delivered equal 0xffff, and the result of last_sequence_delivered + 1 must be 0x10000, rather than 0x0000, and if strmseq is also be 0x0, then this judgement will give you wrong value. so i think put a (uint16_t) before this sentence will be more secure. so how do you think?like this: (uint16_t)(asoc->strmin[strmno].last_sequence_delivered + 1) == strmseqThanks and i hope your response.
_______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
