diff options
author | ae <ae@FreeBSD.org> | 2014-02-20 21:01:59 +0000 |
---|---|---|
committer | ae <ae@FreeBSD.org> | 2014-02-20 21:01:59 +0000 |
commit | 9d77623944c3630f8853442b96f635dd75e8d5e0 (patch) | |
tree | 3964671c31f2db63db143c8029f53188b135b339 | |
parent | 2cdcb70a203b158b33024104eb4d31b42410fc5b (diff) | |
download | FreeBSD-src-9d77623944c3630f8853442b96f635dd75e8d5e0.zip FreeBSD-src-9d77623944c3630f8853442b96f635dd75e8d5e0.tar.gz |
MFC r261835:
Drop packets to multicast address whose scop field contains the
reserved value 0.
Sponsored by: Yandex LLC
-rw-r--r-- | sys/netinet6/ip6_input.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c index a94d5c2..8f70741 100644 --- a/sys/netinet6/ip6_input.c +++ b/sys/netinet6/ip6_input.c @@ -571,7 +571,18 @@ ip6_input(struct mbuf *m) in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); goto bad; } - + if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) && + IPV6_ADDR_MC_SCOPE(&ip6->ip6_dst) == 0) { + /* + * RFC4291 2.7: + * Nodes must not originate a packet to a multicast address + * whose scop field contains the reserved value 0; if such + * a packet is received, it must be silently dropped. + */ + IP6STAT_INC(ip6s_badscope); + in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); + goto bad; + } #ifdef ALTQ if (altq_input != NULL && (*altq_input)(m, AF_INET6) == 0) { /* packet is dropped by traffic conditioner */ |