From 7c48a717f00b0bdeec7c0f10f02515b705f3e060 Mon Sep 17 00:00:00 2001
From: zmw12306 <zmw12306@gmail.com>
Date: Sun, 23 Mar 2025 22:37:59 -0400
Subject: [PATCH] babeld: Missing Validation for AE=0 and Plen!=0

A Request TLV with AE set to 0 and Plen not set to 0 MUST be ignored.
Signed-off-by: zmw12306 <zmw12306@gmail.com>
---
 babeld/message.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/babeld/message.c b/babeld/message.c
index 5a33d5c288..fabd72fda3 100644
--- a/babeld/message.c
+++ b/babeld/message.c
@@ -706,6 +706,11 @@ parse_packet(const unsigned char *from, struct interface *ifp,
 			      "Received source-specific wildcard request.");
                     goto done;
                 }
+                if(message[3] != 0) {
+                    flog_err(EC_BABEL_PACKET,
+                             "Ignoring request with AE=0 and non-zero Plen");
+                    goto done;
+                }
                 /* If a neighbour is requesting a full route dump from us,
                    we might as well send it an IHU. */
                 send_ihu(neigh, NULL);
-- 
2.39.5