Bugs found by TCP-Fuzz (opensource projects only)

Here I list some of bugs found by TCP-Fuzz for opensource projects.

• mTCP
  • Remove mtcp listener before it is freed.
  • Validate ip length before using tcp header.
  • Accept the packet with seq smaller than the last received packet
  • Fix out of bound read
  • Check first ack packet to update its timestamp value
  • Accept packets without timestamp option
  • Fix 0 mss if we do not receive mss before
  • Fix NULL pointer if we read before receiving any packet with data
• F-Stack
  • Duplicated packets cause read error?
  • Some issues of current version FreeBSD
• FreeBSD
  • RFC 5961 is not implemented completely
  • connections should be closed if a same packet without FIN is received after FIN received
  • data in syn_ack should be ignored
  • The ioctl of socket fd should return -1 after listen to avoid misusing.
  • Should we reject the packet with timestamp if no timestamp in SYN and SYN_ACK?
  • Should we reject packets with the nonmonotonic timestamp?