MQX4.1 TCP HEADER CHECK ISSUE

wulinweng · ‎09-19-2016

Dear support:

our project used mqx4.1 tcp/ip stack, and now we so some network storm testings. we found an issue and the test report is below:

Achilles reported that when MC510 was subjected to TCP Grammar – Header fields
test, TCP port 443/tcp went down for 100 seconds but came back to normal open state
port-test. This was due to fuzzing of the TCP header fields in the TCP request packet.
This was observed only when bunch of test cases were run against the device and was
not reproducible when only failing test cases were rerun. All remaining services on
device were accessible during and after the test. LED status was also normal during and
after the test. It is recommended that device should properly validate header fields in the
TCP request packet before processing.

can you show me any information about the tcp header fields check or if the mqx4.2 verison is fixing the bug, please tell me.

BR,

danielchen · ‎09-20-2016

Hi :

We don't know your test case, could you please specify a little bit more ? and attach your error message.

What is your device and can we reproduce it with TWR-board?

Regards

Daniel

wulinweng · ‎09-20-2016

Dear Daniel,

thank you for your reply. we used the cpu is K64F120M and MQX4.1.

and the test case can not reproduce very clear test case from the third company test bunch.

we just know is that about the tcp header check error, so do you have any check about this tcp header in the source code:

/* Header of a TCP packet
*/
typedef struct tcp_header { /* see RFC sec.3.1 */

   unsigned char    source_port[2];   /* source TCP port number */
   unsigned char    dest_port[2];     /* destination TCP port number */
   unsigned char    seq[4];           /* of 1st data octet or 1st-1 if (flags & SYN)*/
   unsigned char    ack[4];           /* valid if (flags & ACK) */
   unsigned char    flags[2];         /* see flags values above */
   unsigned char    window[2];        /* nb of bytes recipient of packet can send */
   unsigned char    checksum[2];      /* (see RFC) */
   unsigned char    urgent[2];        /* offset from seq, valid if (flags & URG) */
                              /* then follow options in 4-byte multiples, */
                              /* then data */

} TCP_HEADER, * TCP_HEADER_PTR; /* 20 bytes */

if some of them are wrong, does the system exist error situation?

sorry for that we also don't have the test case for the test.

BR,

danielchen · ‎09-20-2016

Hi Wulin:

Since this issue is not reproducible, it is hard to say what could be the reason for that behavior.

Maybe your partner needs to do more tests to verify this issue

Anyway, I would like to recommend to test your code with MQX 4.2, and with latest patch MQX 4.2.0.2. This version fixed some RTCS issues. The following two fixed issues might be related, I am not sure.

1

• MQX-3984 RTCS – Bug in sending TCP packets causes dropped connections through firewalls. Problem was solved
with unconditional sending MSS and window size with SYN.

2. Resolved problem with memory leak in RTCS SSL wrapper. The memory resources were incorrectly deallocated
in case underlying sockets reported error conditions.

I hope it helps.

Regards

Daniel

wulinweng · ‎09-21-2016

Dear Daniel,

thank you for your information, but I can't find the patch 4.2.0.2 of MQX.

Can you show me the download address?

BR,

danielchen · ‎09-21-2016

Hi

Visit the following link

MQX™ Classic Software Solutions|NXP

First click the MQX rtos V4.2 released and patches, then click you can find the MQX RTOS 4.2 and it's patch

Regards

Daniel

wulinweng · ‎09-21-2016

Hi Daniel,

if I just want to code transplant for TCP from MQX4.2.0.2 to MQX4.1, how can I do this, what I means which files should copy from the MQX4.2 or maybe it is very difficult to do this?

BR,

danielchen · ‎09-21-2016

There are many improvements and enhancements, I can't say which files need to copy. you may need to compare them by yourself.

I attached the rtcs_changelog for your reference.

Regards

Daniel