https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281938
--- Comment #7 from Michael Tuexen <tue...@freebsd.org> ---
(In reply to nakayamakenjiro from comment #0)

If we are in the code path you mention, we are in the body of

    if (len + optlen + ipoptlen > tp->t_maxseg) {
        flags &= ~TH_FIN;
        if (tso) {
            /* somewhere here */
        }
    }

tso is set by

    if ((tp->t_flags & TF_TSO) && V_tcp_do_tso && len > tp->t_maxseg &&
        (tp->t_port == 0) &&
        ((tp->t_flags & TF_SIGNATURE) == 0) &&
        (!sack_rxmit || V_tcp_sack_tso) &&
        (ipoptlen == 0 || (ipoptlen == ipsec_optlen &&
         (tp->t_flags2 & TF2_IPSEC_TSO) != 0)) &&
        !(flags & TH_SYN))
        tso = 1;

This means that ipoptlen == ipsec_optlen in all cases (if ipoptlen == 0, then
also ipsec_optlen == 0).

Therefore

    tp->t_maxseg >= len + optlen + ipoptlen

holds due to the check in the if condition and finally

    tp->t_maxseg >= len + optlen + ipsec_optlen

holds, since ipoptlen == ipsec_optlen.

Therefore

    max_len = tp->t_maxseg - optlen - ipsec_optlen

is positive.