Network

Timestamp:

Mar 16, 2010 5:10:15 PM (15 years ago)

Author:

vboxsync

Message:

NAT: ICMP checks minimal sizes of ICMP datagrams received from socket according rfc792
(for types echo reply, time exceed, unreachable).

File:

trunk/src/VBox/Devices/Network/slirp/socket.c

-              r27399
+              r27417
+    }
+    /*
+     * ICMP_ECHOREPLY, ICMP_TIMXCEED, ICMP_UNREACH minimal header size is
+     * ICMP_ECHOREPLY assuming data 0
+     * icmp_{type(8), code(8), cksum(16),identifier(16),seqnum(16)}
+     */
+    if (RT_N2H_U16(ip->ip_len) < hlen + 8)
+    {
+        Log(("send_icmp_to_guest: NAT accept ICMP_{ECHOREPLY, TIMXCEED, UNREACH} the minimum size is 64 (see rfc792)\n"));
+        return;
+    }
     type = icp->icmp_type;
     if (   type == ICMP_TIMXCEED
         || type == ICMP_UNREACH)
+    {
+        /*
+         * ICMP_TIMXCEED, ICMP_UNREACH minimal header size is
+         * icmp_{type(8), code(8), cksum(16),unused(32)} + IP header + 64 bit of original datagram
+         */
+        if (RT_N2H_U16(ip->ip_len) < hlen + 2*8 + sizeof(struct ip))
+        {
+            Log(("send_icmp_to_guest: NAT accept ICMP_{TIMXCEED, UNREACH} the minimum size of ipheader + 64 bit of data (see rfc792)\n"));
+            return;
+        }
         ip = &icp->icmp_ip;
+    }

Note: See TracChangeset for help on using the changeset viewer.