[En-Nut-Discussion] Race condition and stack overflow in tcpsm.c

[Philipp Burch]

Ok, this with the appended patch didn't work. So here it is right in the
mail text:


Index: nut/net/tcpsm.c
===================================================================
--- nut/net/tcpsm.c	(revision 5875)
+++ nut/net/tcpsm.c	(working copy)
@@ -51,6 +51,7 @@
 #include <sys/heap.h>
 #include <sys/event.h>
 #include <sys/timer.h>
+#include <sys/mutex.h>

 #include <errno.h>
 #include <netinet/in.h>
@@ -1857,13 +1858,21 @@
  */
 int NutTcpInitStateMachine(void)
 {
+    static MUTEX initMutex = {0};
+    int ret = 0;
+    /* A race condition is produced without this mutex: If two threads
+     * are started right after system initialization which both create a
+     * TCP socket, we may end up with two tcpsm threads running
concurrently.
+     */
+    NutMutexLock(&initMutex);
     if (tcpThread == NULL) {
         tcpThread = NutThreadCreate("tcpsm", NutTcpSm, NULL,
NUT_THREAD_TCPSMSTACK * NUT_THREAD_STACK_MULT + NUT_THREAD_STACK_ADD);
         if (tcpThread == NULL) {
-            return -1;
+            ret = -1;
         }
     }
-    return 0;
+    NutMutexUnlock(&initMutex);
+    return ret;
 }

 /*!