Only send an ICMP error message if UDP checksum is valid.

Test: - TestV4UnknownDestination - TestV6UnknownDestination PiperOrigin-RevId: 328424137
author: Toshi Kikuchi <toshik@google.com> 2020-08-25 16:13:39 -0700
committer: gVisor bot <gvisor-bot@google.com> 2020-08-25 16:15:29 -0700
commit: 70a7a3ac704a47ec50525d06438ba4983da3af8b (patch)
tree: 584792ba1de5855d2dc4ff675c3e744165593e9c /pkg/tcpip/transport/udp/protocol.go
parent: 430487c9e7cb4425def8605c6730aa4a168b000d (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/pkg/tcpip/transport/udp/protocol.go b/pkg/tcpip/transport/udp/protocol.go
index 63d4bed7c..f65751dd4 100644
--- a/pkg/tcpip/transport/udp/protocol.go
+++ b/pkg/tcpip/transport/udp/protocol.go
@@ -88,7 +88,12 @@ func (p *protocol) HandleUnknownDestinationPacket(r *stack.Route, id stack.Trans
 		r.Stack().Stats().UDP.MalformedPacketsReceived.Increment()
 		return true
 	}
-	// TODO(b/129426613): only send an ICMP message if UDP checksum is valid.
+
+	if !verifyChecksum(r, hdr, pkt) {
+		// Checksum Error.
+		r.Stack().Stats().UDP.ChecksumErrors.Increment()
+		return true
+	}
 
 	// Only send ICMP error if the address is not a multicast/broadcast
 	// v4/v6 address or the source is not the unspecified address.
author	Toshi Kikuchi <toshik@google.com>	2020-08-25 16:13:39 -0700
committer	gVisor bot <gvisor-bot@google.com>	2020-08-25 16:15:29 -0700
commit	70a7a3ac704a47ec50525d06438ba4983da3af8b (patch)
tree	584792ba1de5855d2dc4ff675c3e744165593e9c /pkg/tcpip/transport/udp/protocol.go
parent	430487c9e7cb4425def8605c6730aa4a168b000d (diff)