Merge release-20190806.1-328-g5a42105 (automated)

author: gVisor bot <gvisor-bot@google.com> 2019-10-25 23:10:08 +0000
committer: gVisor bot <gvisor-bot@google.com> 2019-10-25 23:10:08 +0000
commit: 3292dbae0007186517ad5d6880ad539341d869a0 (patch)
tree: 51cd4357a94c223bd1cecfa2bd70acefe0927433 /pkg/tcpip/network
parent: e0b0ba4247a59a971f78f0ce89c47f972fe0e943 (diff)
parent: 5a421058a07477e23f6ca23bb510894419224080 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/pkg/tcpip/network/ipv6/icmp.go b/pkg/tcpip/network/ipv6/icmp.go
index b289e902f..c3f1dd488 100644
--- a/pkg/tcpip/network/ipv6/icmp.go
+++ b/pkg/tcpip/network/ipv6/icmp.go
@@ -72,6 +72,18 @@ func (e *endpoint) handleICMP(r *stack.Route, netHeader buffer.View, vv buffer.V
 	h := header.ICMPv6(v)
 	iph := header.IPv6(netHeader)
 
+	// Validate ICMPv6 checksum before processing the packet.
+	//
+	// Only the first view in vv is accounted for by h. To account for the
+	// rest of vv, a shallow copy is made and the first view is removed.
+	// This copy is used as extra payload during the checksum calculation.
+	payload := vv
+	payload.RemoveFirst()
+	if got, want := h.Checksum(), header.ICMPv6Checksum(h, iph.SourceAddress(), iph.DestinationAddress(), payload); got != want {
+		received.Invalid.Increment()
+		return
+	}
+
 	// As per RFC 4861 sections 4.1 - 4.5, 6.1.1, 6.1.2, 7.1.1, 7.1.2 and
 	// 8.1, nodes MUST silently drop NDP packets where the Hop Limit field
 	// in the IPv6 header is not set to 255.
author	gVisor bot <gvisor-bot@google.com>	2019-10-25 23:10:08 +0000
committer	gVisor bot <gvisor-bot@google.com>	2019-10-25 23:10:08 +0000
commit	3292dbae0007186517ad5d6880ad539341d869a0 (patch)
tree	51cd4357a94c223bd1cecfa2bd70acefe0927433 /pkg/tcpip/network
parent	e0b0ba4247a59a971f78f0ce89c47f972fe0e943 (diff)
parent	5a421058a07477e23f6ca23bb510894419224080 (diff)