From e365bc365399b44fd3c9bfafb23df1ca772ebe22 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kuba=20Szczodrzy=C5=84ski?= Date: Thu, 25 Aug 2022 22:36:53 +0200 Subject: [PATCH] [LT] Add vendor changes from bdk_freertos/v2.0.2 (ip4.c/ripple20) --- src/core/ipv4/ip4.c | 57 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/src/core/ipv4/ip4.c b/src/core/ipv4/ip4.c index 26c26a91..49fe5ca4 100644 --- a/src/core/ipv4/ip4.c +++ b/src/core/ipv4/ip4.c @@ -408,6 +408,51 @@ ip4_input_accept(struct netif *netif) return 0; } +#if LWIP_RIPPLE20 +/** + * parse ipv4 IP options + * return: < 0 if IP options contain invalid option, = 0 Ok. + */ +int ip4_parse_opt(u8 *opt, int len) +{ + int ret = 0; + u8 type, item_len; + + while (len > 1) { + type = *opt; + opt++; + item_len = *opt; + len -= item_len; + opt++; + + /* avoid infinite recusive */ + if (type != 0 && item_len == 0) + return -1; + + switch (type) { + case 0: + /* End of Option List */ + return ret; + case 7: { + /* RR Option */ + u8 *pointer = opt; + + if (*pointer < 4 || (*pointer % 4)) + return -1; + + break; + } + + } + + /* Forward to next option */ + opt += item_len - 2; + } + + return ret; +} +#endif /* LWIP_RIPPLE20 */ + /** * This function is called by the network interface device driver when * an IP packet is received. The function does the basic checks of the @@ -470,6 +515,18 @@ ip4_input(struct pbuf *p, struct netif *inp) pbuf_realloc(p, iphdr_len); } +#if LWIP_RIPPLE20 + /* Parse IP options */ + if (iphdr_hlen > 20) { + u8 *opt = (u8*)p->payload; + if (ip4_parse_opt(opt + 20, iphdr_hlen - 20)) { + pbuf_free(p); + LWIP_DEBUGF(IP_DEBUG | LWIP_DBG_LEVEL_WARNING, ("IP packet dropped due to invalid IP options\n")); + return ERR_OK; + } + } +#endif + /* header length exceeds first pbuf length, or ip length exceeds total pbuf length? */ if ((iphdr_hlen > p->len) || (iphdr_len > p->tot_len) || (iphdr_hlen < IP_HLEN)) { if (iphdr_hlen < IP_HLEN) {