From d7204df896b717c111000f87b74cd91250aae200 Mon Sep 17 00:00:00 2001 From: Andre Puschmann Date: Mon, 14 Jun 2021 12:33:57 +0200 Subject: [PATCH] rlc_am_lte: check rx window first when receiving status PDU move rx window check up so no actions are taken when receiving malformed status PDU --- lib/src/upper/rlc_am_lte.cc | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/lib/src/upper/rlc_am_lte.cc b/lib/src/upper/rlc_am_lte.cc index afa6c511d..30dc53afa 100644 --- a/lib/src/upper/rlc_am_lte.cc +++ b/lib/src/upper/rlc_am_lte.cc @@ -1170,13 +1170,24 @@ void rlc_am_lte::rlc_am_lte_tx::handle_control_pdu(uint8_t* payload, uint32_t no std::unique_lock lock(mutex); - logger.info(payload, nof_bytes, "%s Rx control PDU", RB_NAME); + logger.debug(payload, nof_bytes, "%s Rx control PDU", RB_NAME); rlc_status_pdu_t status; rlc_am_read_status_pdu(payload, nof_bytes, &status); log_rlc_am_status_pdu_to_string(logger.info, "%s Rx Status PDU: %s", &status, RB_NAME); + // make sure ACK_SN is within our Tx window + if (((MOD + status.ack_sn - vt_a) % MOD > RLC_AM_WINDOW_SIZE) || + ((MOD + vt_s - status.ack_sn) % MOD > RLC_AM_WINDOW_SIZE)) { + logger.warning("%s Received invalid status PDU (ack_sn=%d, vt_a=%d, vt_s=%d). Dropping PDU.", + RB_NAME, + status.ack_sn, + vt_a, + vt_s); + return; + } + // Sec 5.2.2.2, stop poll reTx timer if status PDU comprises a positive _or_ negative acknowledgement // for the RLC data PDU with sequence number poll_sn if (poll_retx_timer.is_valid() && (TX_MOD_BASE(poll_sn) < TX_MOD_BASE(status.ack_sn))) { @@ -1189,16 +1200,6 @@ void rlc_am_lte::rlc_am_lte_tx::handle_control_pdu(uint8_t* payload, uint32_t no retx_queue.clear(); } - // make sure ACK_SN is within our Tx window - if ((MOD + status.ack_sn - vt_a) % MOD > RLC_AM_WINDOW_SIZE) { - logger.error("%s Received invalid status PDU (ack_sn=%d < vt_a=%d). Dropping PDU.", RB_NAME, status.ack_sn, vt_a); - return; - } - if ((MOD + vt_s - status.ack_sn) % MOD > RLC_AM_WINDOW_SIZE) { - logger.error("%s Received invalid status PDU (ack_sn=%d > vt_s=%d). Dropping PDU.", RB_NAME, status.ack_sn, vt_s); - return; - } - // Handle ACKs and NACKs bool update_vt_a = true; uint32_t i = vt_a;