diff options
| author | Mobashshera Rasool <mrasool@vmware.com> | 2021-07-19 21:29:09 +0200 |
|---|---|---|
| committer | Mobashshera Rasool <mrasool@vmware.com> | 2021-07-19 21:46:10 +0200 |
| commit | 54d7bf0cc6c487610c6d3fa53c9fa678b2f53d75 (patch) | |
| tree | bb604b588c0e12e568680640194b15787d6ea7c7 | |
| parent | pimd: Abstracting header verification for igmp (diff) | |
| download | frr-54d7bf0cc6c487610c6d3fa53c9fa678b2f53d75.tar.xz frr-54d7bf0cc6c487610c6d3fa53c9fa678b2f53d75.zip | |
pimd: Add TTL check for IGMP conformance
IGMPv3 packets with invalid TTL should be dropped.
Test Case ID: 4.10
TEST_DESCRIPTION
Every IGMP message described in this document is sent with an IP
Time-to-Live of 1 (Tests that IGMPv3 Membership Report Message
conforms to above statement)
TEST_REFERENCE
NEGATIVE: RFC 3376, IGMP Version 3, s4 p7 Message Formats
Issue: #9070
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
| -rw-r--r-- | pimd/pim_igmp.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/pimd/pim_igmp.c b/pimd/pim_igmp.c index 36f044b16..069c51597 100644 --- a/pimd/pim_igmp.c +++ b/pimd/pim_igmp.c @@ -484,6 +484,16 @@ bool pim_igmp_verify_header(struct ip *ip_hdr, size_t len, int igmp_msg_len, return false; } + if ((msg_type != PIM_IGMP_MTRACE_RESPONSE) + && (msg_type != PIM_IGMP_MTRACE_QUERY_REQUEST)) { + if (ip_hdr->ip_ttl != 1) { + zlog_warn( + "Recv IGMP packet with invalid ttl=%u, discarding the packet", + ip_hdr->ip_ttl); + return -1; + } + } + return true; } |