From 95cac27d0d1ca93610f1bea554e3eb67c8a907d7 Mon Sep 17 00:00:00 2001
From: Peter Johnston <peterjohnston@google.com>
Date: Tue, 6 Oct 2020 16:15:45 -0700
Subject: Discard invalid Neighbor Solicitations

...per RFC 4861 s7.1.1.

PiperOrigin-RevId: 335742851
---
 pkg/tcpip/network/ipv6/icmp.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'pkg/tcpip/network/ipv6/icmp.go')

diff --git a/pkg/tcpip/network/ipv6/icmp.go b/pkg/tcpip/network/ipv6/icmp.go
index 8e9def6b8..629d1818e 100644
--- a/pkg/tcpip/network/ipv6/icmp.go
+++ b/pkg/tcpip/network/ipv6/icmp.go
@@ -286,6 +286,17 @@ func (e *endpoint) handleICMP(r *stack.Route, pkt *stack.PacketBuffer, hasFragme
 			e.linkAddrCache.AddLinkAddress(e.nic.ID(), r.RemoteAddress, sourceLinkAddr)
 		}
 
+		// As per RFC 4861 section 7.1.1:
+		//   A node MUST silently discard any received Neighbor Solicitation
+		//   messages that do not satisfy all of the following validity checks:
+		//    ...
+		//    - If the IP source address is the unspecified address, the IP
+		//      destination address is a solicited-node multicast address.
+		if unspecifiedSource && !header.IsSolicitedNodeAddr(r.LocalAddress) {
+			received.Invalid.Increment()
+			return
+		}
+
 		// ICMPv6 Neighbor Solicit messages are always sent to
 		// specially crafted IPv6 multicast addresses. As a result, the
 		// route we end up with here has as its LocalAddress such a
-- 
cgit v1.2.3