DragonFlyBSD Kernel Audit
← dashboard
DF-0290

GANN sequence comparison not wrap-safe (raw <= on uint32)

Summary

GANN replay check(:2649) uses ie.gann_seq<=gr->gr_lastseq raw uint32 <=. Should use signed-difference macros. Wraparound: legitimate GANN wrongly rejected or replayed GANN accepted near 2^32 boundary.