matthieu/frr
1
0
Fork 0
forked from Mirror/frr
Code Pull requests Activity

nhrpd: Add Hop Count Validation Before Forwarding in nhrp_peer_recv()

Browse source 
According to [RFC 2332, Section 5.1], if an NHS receives a packet that it would normally forward and the hop count is zero, it must send an error indication back to the source and drop the packet.

Signed-off-by: zmw12306 <zmw12306@gmail.com>
This commit is contained in:
zmw12306 2025-04-07 16:13:45 -04:00
parent 44c4743e08
commit 7c87716482
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
nhrpd/nhrp_peer.c
View file

@ -1355,6 +1355,11 @@ void nhrp_peer_recv(struct nhrp_peer *p, struct zbuf *zb)
} }
break; break;
case NHRP_ROUTE_NBMA_NEXTHOP: case NHRP_ROUTE_NBMA_NEXTHOP:
if (hdr->hop_count == 0) {
nhrp_packet_send_error(&pp, NHRP_ERROR_HOP_COUNT_EXCEEDED, 0);
info = "hop count exceeded";
goto drop;
}
nhrp_peer_forward(peer, &pp); nhrp_peer_forward(peer, &pp);
break; break;
case NHRP_ROUTE_BLACKHOLE: case NHRP_ROUTE_BLACKHOLE: