Mirrors_Framework/nuttx
1
0
Fork 0
mirror of https://github.com/apache/nuttx.git synced 2026-05-31 23:40:19 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

net/icmp: check src ip for icmp request message

Browse Source 
Check src ip for icmp request message. Drop the request message if src ip is broadcast/multicast.

Signed-off-by: gaohedong <gaohedong@xiaomi.com>
This commit is contained in:
gaohedong
2025-06-03 21:42:25 +08:00
committed by Xiang Xiao
parent 0885b324a1
commit e1e6d8821e
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/icmp/icmp_input.c
+15
View File
@@ -311,6 +311,21 @@ void icmp_input(FAR struct net_driver_s *dev)
if (icmp->type == ICMP_ECHO_REQUEST)
{
in_addr_t src_ipaddr;
/* According to RFC1122 section 3.2.2.6 an ICMP Echo Request
* which has a broadcast/multicast ip address should be discarded
*/
src_ipaddr = net_ip4addr_conv32(ipv4->srcipaddr);
if (net_ipv4addr_cmp(src_ipaddr, INADDR_BROADCAST) ||
IN_MULTICAST(NTOHL(src_ipaddr)))
{
ninfo("ICMP ECHO request from broadcast/multicast address\n");
goto typeerr;
}
/* Change the ICMP type */
icmp->type = ICMP_ECHO_REPLY;