Skip to content

Commit 98c2b2b

Browse files
danielinuxdanielinux
committed
Addressed copilot's review
1 parent e3f6a80 commit 98c2b2b

2 files changed

Lines changed: 83 additions & 9 deletions

File tree

src/test/unit/unit.c

Lines changed: 58 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7814,7 +7814,7 @@ START_TEST(test_udp_try_recv_unmatched_port_sends_icmp_unreachable)
78147814
struct wolfIP s;
78157815
uint8_t udp_buf[sizeof(struct wolfIP_udp_datagram) + 4];
78167816
struct wolfIP_udp_datagram *udp = (struct wolfIP_udp_datagram *)udp_buf;
7817-
struct wolfIP_icmp_ttl_exceeded_packet *icmp;
7817+
struct wolfIP_icmp_dest_unreachable_packet *icmp;
78187818
uint32_t local_ip = 0x0A000001U;
78197819
uint32_t remote_ip = 0x0A000002U;
78207820
uint8_t src_mac[6] = {0x20, 0x21, 0x22, 0x23, 0x24, 0x25};
@@ -7846,8 +7846,8 @@ START_TEST(test_udp_try_recv_unmatched_port_sends_icmp_unreachable)
78467846
(uint32_t)(ETH_HEADER_LEN + IP_HEADER_LEN + UDP_HEADER_LEN + 4));
78477847

78487848
ck_assert_uint_eq(last_frame_sent_size,
7849-
sizeof(struct wolfIP_icmp_ttl_exceeded_packet));
7850-
icmp = (struct wolfIP_icmp_ttl_exceeded_packet *)last_frame_sent;
7849+
sizeof(struct wolfIP_icmp_dest_unreachable_packet));
7850+
icmp = (struct wolfIP_icmp_dest_unreachable_packet *)last_frame_sent;
78517851
ck_assert_uint_eq(icmp->type, 3U);
78527852
ck_assert_uint_eq(icmp->code, 3U);
78537853
ck_assert_mem_eq(icmp->unused, "\x00\x00\x00\x00", sizeof(icmp->unused));
@@ -7860,6 +7860,41 @@ START_TEST(test_udp_try_recv_unmatched_port_sends_icmp_unreachable)
78607860
}
78617861
END_TEST
78627862

7863+
START_TEST(test_udp_try_recv_unmatched_nonlocal_dst_does_not_send_icmp)
7864+
{
7865+
struct wolfIP s;
7866+
uint8_t udp_buf[sizeof(struct wolfIP_udp_datagram) + 4];
7867+
struct wolfIP_udp_datagram *udp = (struct wolfIP_udp_datagram *)udp_buf;
7868+
uint32_t local_ip = 0x0A000001U;
7869+
uint32_t remote_ip = 0x0A000002U;
7870+
7871+
wolfIP_init(&s);
7872+
mock_link_init(&s);
7873+
wolfIP_ipconfig_set(&s, local_ip, 0xFFFFFF00U, 0);
7874+
7875+
memset(udp_buf, 0, sizeof(udp_buf));
7876+
udp->ip.ver_ihl = 0x45;
7877+
udp->ip.ttl = 64;
7878+
udp->ip.proto = WI_IPPROTO_UDP;
7879+
udp->ip.len = ee16(IP_HEADER_LEN + UDP_HEADER_LEN + 4);
7880+
udp->ip.src = ee32(remote_ip);
7881+
udp->ip.dst = ee32(0x0A0000FEU);
7882+
udp->src_port = ee16(4321);
7883+
udp->dst_port = ee16(1234);
7884+
udp->len = ee16(UDP_HEADER_LEN + 4);
7885+
memcpy(udp->data, "test", 4);
7886+
fix_udp_checksums(udp);
7887+
7888+
memset(last_frame_sent, 0, sizeof(last_frame_sent));
7889+
last_frame_sent_size = 0;
7890+
7891+
udp_try_recv(&s, TEST_PRIMARY_IF, udp,
7892+
(uint32_t)(ETH_HEADER_LEN + IP_HEADER_LEN + UDP_HEADER_LEN + 4));
7893+
7894+
ck_assert_uint_eq(last_frame_sent_size, 0U);
7895+
}
7896+
END_TEST
7897+
78637898
START_TEST(test_dns_callback_bad_flags)
78647899
{
78657900
struct wolfIP s;
@@ -15034,6 +15069,24 @@ START_TEST(test_tcp_input_unmatched_ack_sends_rst)
1503415069
}
1503515070
END_TEST
1503615071

15072+
START_TEST(test_tcp_input_unmatched_ack_nonlocal_dst_does_not_send_rst)
15073+
{
15074+
struct wolfIP s;
15075+
15076+
wolfIP_init(&s);
15077+
mock_link_init(&s);
15078+
wolfIP_ipconfig_set(&s, 0x0A000001U, 0xFFFFFF00U, 0);
15079+
15080+
last_frame_sent_size = 0;
15081+
memset(last_frame_sent, 0, sizeof(last_frame_sent));
15082+
15083+
inject_tcp_segment(&s, TEST_PRIMARY_IF, 0x0A000002U, 0x0A0000FEU,
15084+
4321, 1234, 77, 101, TCP_FLAG_ACK);
15085+
15086+
ck_assert_uint_eq(last_frame_sent_size, 0U);
15087+
}
15088+
END_TEST
15089+
1503715090
START_TEST(test_tcp_input_unmatched_syn_sends_rst_ack)
1503815091
{
1503915092
struct wolfIP s;
@@ -19360,6 +19413,7 @@ Suite *wolf_suite(void)
1936019413
tcase_add_test(tc_utils, test_udp_try_recv_conf_null);
1936119414
tcase_add_test(tc_utils, test_udp_try_recv_remote_ip_matches_local_ip);
1936219415
tcase_add_test(tc_utils, test_udp_try_recv_unmatched_port_sends_icmp_unreachable);
19416+
tcase_add_test(tc_utils, test_udp_try_recv_unmatched_nonlocal_dst_does_not_send_icmp);
1936319417
tcase_add_test(tc_utils, test_dns_callback_bad_flags);
1936419418
tcase_add_test(tc_utils, test_dns_callback_bad_name);
1936519419
tcase_add_test(tc_utils, test_dns_callback_short_header_ignored);
@@ -19451,6 +19505,7 @@ Suite *wolf_suite(void)
1945119505
tcase_add_test(tc_utils, test_tcp_input_filter_drop);
1945219506
tcase_add_test(tc_utils, test_tcp_input_port_mismatch_skips_socket);
1945319507
tcase_add_test(tc_utils, test_tcp_input_unmatched_ack_sends_rst);
19508+
tcase_add_test(tc_utils, test_tcp_input_unmatched_ack_nonlocal_dst_does_not_send_rst);
1945419509
tcase_add_test(tc_utils, test_tcp_input_unmatched_syn_sends_rst_ack);
1945519510
tcase_add_test(tc_utils, test_tcp_input_unmatched_rst_is_discarded);
1945619511
tcase_add_test(tc_utils, test_tcp_input_syn_bound_ip_mismatch);

src/wolfip.c

Lines changed: 25 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -127,6 +127,7 @@ struct wolfIP_icmp_packet;
127127

128128
/* Macros */
129129
#define IS_IP_BCAST(ip) ((ip) == 0xFFFFFFFFU)
130+
#define IS_IP_MCAST(ip) (((ip) & 0xF0000000U) == 0xE0000000U)
130131

131132
#define PKT_FLAG_SENT 0x01U
132133
#define PKT_FLAG_ACKED 0x02U
@@ -703,6 +704,7 @@ union transport_pseudo_header {
703704

704705
#define TTL_EXCEEDED_ORIG_PACKET_SIZE (28)
705706
#define ICMP_TTL_EXCEEDED_SIZE (36)
707+
#define ICMP_DEST_UNREACH_SIZE (36)
706708

707709
struct PACKED wolfIP_icmp_packet {
708710
struct wolfIP_ip_packet ip;
@@ -1497,12 +1499,12 @@ static void wolfIP_send_ttl_exceeded(struct wolfIP *s, unsigned int if_idx,
14971499
memcpy(icmp.orig_packet, ((uint8_t *)orig) + ETH_HEADER_LEN,
14981500
TTL_EXCEEDED_ORIG_PACKET_SIZE);
14991501
icmp.csum = ee16(icmp_checksum((struct wolfIP_icmp_packet *)&icmp,
1500-
ICMP_TTL_EXCEEDED_SIZE));
1502+
ICMP_DEST_UNREACH_SIZE));
15011503
icmp.ip.ver_ihl = 0x45;
15021504
icmp.ip.ttl = 64;
15031505
icmp.ip.proto = WI_IPPROTO_ICMP;
15041506
icmp.ip.id = ipcounter_next(s);
1505-
icmp.ip.len = ee16(IP_HEADER_LEN + ICMP_TTL_EXCEEDED_SIZE);
1507+
icmp.ip.len = ee16(IP_HEADER_LEN + ICMP_DEST_UNREACH_SIZE);
15061508
icmp.ip.src = ee32(wolfIP_ipconf_at(s, if_idx)->ip);
15071509
icmp.ip.dst = orig->src;
15081510
icmp.ip.csum = 0;
@@ -1767,8 +1769,17 @@ static void udp_try_recv(struct wolfIP *s, unsigned int if_idx,
17671769
matched = 1;
17681770
}
17691771
}
1770-
if (!matched)
1771-
wolfIP_send_port_unreachable(s, if_idx, &udp->ip);
1772+
if (!matched) {
1773+
int dst_match = 0;
1774+
1775+
if (dst_ip != IPADDR_ANY && src_ip != IPADDR_ANY &&
1776+
!IS_IP_BCAST(dst_ip) && !IS_IP_BCAST(src_ip) &&
1777+
!IS_IP_MCAST(dst_ip) && !IS_IP_MCAST(src_ip)) {
1778+
(void)wolfIP_if_for_local_ip(s, dst_ip, &dst_match);
1779+
if (dst_match)
1780+
wolfIP_send_port_unreachable(s, if_idx, &udp->ip);
1781+
}
1782+
}
17721783
}
17731784

17741785
/* ICMP sockets reuse the UDP fifo bookkeeping */
@@ -3621,8 +3632,16 @@ static void tcp_input(struct wolfIP *S, unsigned int if_idx,
36213632
}
36223633
}
36233634
}
3624-
if (!matched)
3625-
tcp_send_reset_reply(S, if_idx, tcp);
3635+
if (!matched) {
3636+
ip4 dst = ee32(tcp->ip.dst);
3637+
int dst_match = 0;
3638+
3639+
if (dst != IPADDR_ANY && !IS_IP_BCAST(dst) && !IS_IP_MCAST(dst)) {
3640+
(void)wolfIP_if_for_local_ip(S, dst, &dst_match);
3641+
if (dst_match)
3642+
tcp_send_reset_reply(S, if_idx, tcp);
3643+
}
3644+
}
36263645
}
36273646

36283647
static void tcp_rto_cb(void *arg)

0 commit comments

Comments
 (0)