Bugzilla – Bug 2613
MaxRxSequence () is sometimes too large
Last modified: 2017-02-06 07:27:26 EST
Created attachment 2734 [details] proposed patch
Hi, there seems to be an issue in the calculation of MaxRxSequence () within TcpRxBuffer. The problem is that, if there is data in the buffer, the maximum sequence number is calculated as follows: else if (m_data.size ()) { // No data allowed beyond Rx window allowed return m_data.begin ()->first + SequenceNumber32 (m_maxBuffer); } However, this does not handle the case where the first element in the buffer is not actually in order, but arrived after a gap in the sequence space. In this case, the maximum buffer size should of course count from the sequence number we are expecting (the gap), so we save the space for the data that will be retransmitted later. My fix thus is: else if (m_data.size () && m_nextRxSeq > m_data.begin ()->first) { // No data allowed beyond Rx window allowed return m_data.begin ()->first + SequenceNumber32 (m_maxBuffer); } Without this change, we can run into situations in which MaxRxSequence () returns a sequence number that is greater than m_nextRxSeq + m_maxBuffer.
Moved to last call state, I'd like to merge this with the ADV.WND patch.
Fixed in 12671:4e3671db908e, thank you