From: Victor Julien Date: Mon, 28 Dec 2020 18:18:08 +0000 (+0100) Subject: stream/tcp: fix invalid ack events in timewait state X-Git-Tag: suricata-7.0.0-beta1~1930 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=895938080f52db464faf8d971fd5b06bc139ad0a;p=thirdparty%2Fsuricata.git stream/tcp: fix invalid ack events in timewait state --- diff --git a/src/stream-tcp.c b/src/stream-tcp.c index a54b9fd9b6..94a60184c2 100644 --- a/src/stream-tcp.c +++ b/src/stream-tcp.c @@ -2926,10 +2926,13 @@ static int StreamTcpPacketStateFinWait1(ThreadVars *tv, Packet *p, if (StreamTcpPacketIsRetransmission(&ssn->server, p)) { SCLogDebug("ssn %p: packet is retransmission", ssn); retransmission = 1; + } else if (SEQ_EQ(ssn->server.next_seq, TCP_GET_SEQ(p)) && + SEQ_EQ(ssn->client.last_ack, TCP_GET_ACK(p))) { + SCLogDebug("ssn %p: packet is retransmission", ssn); + retransmission = 1; } else if (SEQ_LT(TCP_GET_SEQ(p), ssn->server.next_seq) || - SEQ_GT(TCP_GET_SEQ(p), (ssn->server.last_ack + ssn->server.window))) - { + SEQ_GT(TCP_GET_SEQ(p), (ssn->server.last_ack + ssn->server.window))) { SCLogDebug("ssn %p: -> SEQ mismatch, packet SEQ %" PRIu32 "" " != %" PRIu32 " from stream", ssn, TCP_GET_SEQ(p), ssn->server.next_seq); @@ -3334,6 +3337,10 @@ static int StreamTcpPacketStateFinWait2(ThreadVars *tv, Packet *p, StreamTcpPacketSetState(p, ssn, TCP_TIME_WAIT); SCLogDebug("ssn %p: state changed to TCP_TIME_WAIT", ssn); + if (SEQ_EQ(ssn->client.next_seq, TCP_GET_SEQ(p))) { + StreamTcpUpdateNextSeq( + ssn, &ssn->client, (ssn->client.next_seq + p->payload_len)); + } ssn->server.window = TCP_GET_WINDOW(p) << ssn->server.wscale; }