tcp: in SYN_SENT only accept SYNACK, discard everything else.

THis would let FIN packets through, breaking the logic below. Found with cargo-fuzz.
2021-10-04 23:39:43 +02:00 · 2021-10-04 23:39:43 +02:00 · 16abd60e9b
parent 947a69b8b2
commit 16abd60e9b
1 changed files with 11 additions and 18 deletions
--- a/src/socket/tcp.rs
+++ b/src/socket/tcp.rs
@ -1355,24 +1355,6 @@ impl<'a> TcpSocket<'a> {
                );
                return Err(Error::Dropped);
            }
-            // Any ACK in the SYN-SENT state must have the SYN flag set.
-            (
-                State::SynSent,
-                &TcpRepr {
-                    control: TcpControl::None,
-                    ack_number: Some(_),
-                    ..
-                },
-            ) => {
-                net_debug!(
-                    "{}:{}:{}: expecting a SYN|ACK",
-                    self.meta.handle,
-                    self.local_endpoint,
-                    self.remote_endpoint
-                );
-                self.abort();
-                return Err(Error::Dropped);
-            }
            // SYN|ACK in the SYN-SENT state must have the exact ACK number.
            (
                State::SynSent,
@ -1392,6 +1374,17 @@ impl<'a> TcpSocket<'a> {
                    return Err(Error::Dropped);
                }
            }
+            // Anything else in the SYN-SENT state is invalid.
+            (State::SynSent, _) => {
+                net_debug!(
+                    "{}:{}:{}: expecting a SYN|ACK",
+                    self.meta.handle,
+                    self.local_endpoint,
+                    self.remote_endpoint
+                );
+                self.abort();
+                return Err(Error::Dropped);
+            }
            // Every acknowledgement must be for transmitted but unacknowledged data.
            (
                _,