diff options
| author | zmw12306 <zmw12306@gmail.com> | 2025-04-07 16:13:45 -0400 |
|---|---|---|
| committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2025-04-08 16:29:44 +0000 |
| commit | 623b3ab5c8f521b336bf6405c69d0a40cc743163 (patch) | |
| tree | 98f0c66ba1976fdb7c557382c25d03e39e5d2f3f | |
| parent | 4b81bbbac3619980b0d0a04cce8e1aa96c6b878c (diff) | |
nhrpd: Add Hop Count Validation Before Forwarding in nhrp_peer_recv()
According to [RFC 2332, Section 5.1], if an NHS receives a packet that it would normally forward and the hop count is zero, it must send an error indication back to the source and drop the packet.
Signed-off-by: zmw12306 <zmw12306@gmail.com>
(cherry picked from commit 7c877164820bfc1cd7f84b3f7529f716b0f897cd)
| -rw-r--r-- | nhrpd/nhrp_peer.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/nhrpd/nhrp_peer.c b/nhrpd/nhrp_peer.c index fa11980c18..97932795a3 100644 --- a/nhrpd/nhrp_peer.c +++ b/nhrpd/nhrp_peer.c @@ -1355,6 +1355,11 @@ void nhrp_peer_recv(struct nhrp_peer *p, struct zbuf *zb) } break; case NHRP_ROUTE_NBMA_NEXTHOP: + if (hdr->hop_count == 0) { + nhrp_packet_send_error(&pp, NHRP_ERROR_HOP_COUNT_EXCEEDED, 0); + info = "hop count exceeded"; + goto drop; + } nhrp_peer_forward(peer, &pp); break; case NHRP_ROUTE_BLACKHOLE: |