proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-15 05:18:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

pimd: Dissallow query to be received from a non-connected source

Browse Source 
When we receive an igmp query on a interface, ensure that the
source address of the packet is connected to the incoming
interface.  This will prevent a meanie from crafting a igmp
packet with a source address less than ours and causing
us to suspend query activities.

Fixes: #1692
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This commit is contained in:
Donald Sharp 2019-06-25 00:30:11 -04:00
parent ea1bdfc0e5
commit 8890b440ac
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pimd/pim_igmp.c
View File

@ -305,6 +305,13 @@ static int igmp_recv_query(struct igmp_sock *igmp, int query_version,
return -1;
}
if (!pim_if_connected_to_source(ifp, from)) {
if (PIM_DEBUG_IGMP_PACKETS)
zlog_debug("Recv IGMP query on interface: %s from a non-connected source: %s",
ifp->name, from_str);
return 0;
}
/* Collecting IGMP Rx stats */
switch (query_version) {
case 1: