netinet: filter out invalid ICMP responses in ip_icmp()

instead of doing that in every ipproto_ctlinput_t method. Reviewed by: melifaro Differential revision: https://reviews.freebsd.org/D36728
2022-10-03 20:53:04 -07:00 · 2022-10-03 20:53:04 -07:00 · 7f3b00a87a
commit 7f3b00a87a
parent 53807a8a27
4 changed files with 3 additions and 9 deletions
--- a/sys/netinet/ip_icmp.c
+++ b/sys/netinet/ip_icmp.c
@ -546,6 +546,9 @@ icmp_input(struct mbuf **mp, int *offp, int proto)
 		/* Discard ICMP's in response to multicast packets */
 		if (IN_MULTICAST(ntohl(icp->icmp_ip.ip_dst.s_addr)))
 			goto badcode;
+		/* Filter out responses to INADDR_ANY, protocols ignore it. */
+		if (icp->icmp_ip.ip_dst.s_addr == INADDR_ANY)
+			goto freeit;
 #ifdef ICMPPRINTFS
 		if (icmpprintfs)
 			printf("deliver to protocol %d\n", icp->icmp_ip.ip_p);
--- a/sys/netinet/sctp_usrreq.c
+++ b/sys/netinet/sctp_usrreq.c
@ -272,9 +272,6 @@ sctp_ctlinput(int cmd, struct sockaddr_in *sin, struct ip *ip)
 	struct sctp_init_chunk *ch;
 	struct sockaddr_in src, dst;

-	if (sin->sin_addr.s_addr == INADDR_ANY) {
-		return;
-	}
 	if (PRC_IS_REDIRECT(cmd)) {
 		ip = NULL;
 	} else if ((unsigned)cmd >= PRC_NCMDS || inetctlerrmap[cmd] == 0) {
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@ -2866,9 +2866,6 @@ tcp_ctlinput_with_port(int cmd, struct sockaddr_in *sin, struct ip *ip,
 	tcp_seq icmp_tcp_seq;
 	int mtu;

-	if (sin->sin_addr.s_addr == INADDR_ANY)
-		return;
-
 	if (cmd == PRC_MSGSIZE)
 		notify = tcp_mtudisc_notify;
 	else if (V_icmp_may_rst && (cmd == PRC_UNREACH_ADMIN_PROHIB ||
--- a/sys/netinet/udp_usrreq.c
+++ b/sys/netinet/udp_usrreq.c
@ -746,9 +746,6 @@ udp_common_ctlinput(int cmd, struct sockaddr_in *sin, struct ip *ip,
 	struct udphdr *uh;
 	struct inpcb *inp;

-	if (sin->sin_addr.s_addr == INADDR_ANY)
-		return;
-
 	if (PRC_IS_REDIRECT(cmd)) {
 		/* signal EHOSTDOWN, as it flushes the cached route */
 		in_pcbnotifyall(pcbinfo, sin->sin_addr, EHOSTDOWN, udp_notify);