Repository : ssh://git@open-mesh.org/batman-adv
On branch : maint
commit ab361a9ccc584e7501c06bfe1c00cb0411feebaf Author: Matthias Schiffer mschiffer@universe-factory.net Date: Thu Jan 24 18:18:27 2013 +0100
batman-adv: filter ARP packets with invalid MAC addresses in DAT
We never want multicast MAC addresses in the Distributed ARP Table, so it's best to completely ignore ARP packets containing them where we expect unicast addresses.
Signed-off-by: Matthias Schiffer mschiffer@universe-factory.net Acked-by: Antonio Quartulli ordex@autistici.org Signed-off-by: Marek Lindner lindner_marek@yahoo.de
ab361a9ccc584e7501c06bfe1c00cb0411feebaf distributed-arp-table.c | 13 +++++++++++++ 1 file changed, 13 insertions(+)
diff --git a/distributed-arp-table.c b/distributed-arp-table.c index be3be28..ea0bd31 100644 --- a/distributed-arp-table.c +++ b/distributed-arp-table.c @@ -738,6 +738,7 @@ static uint16_t batadv_arp_get_type(struct batadv_priv *bat_priv, struct arphdr *arphdr; struct ethhdr *ethhdr; __be32 ip_src, ip_dst; + uint8_t *hw_src, *hw_dst; uint16_t type = 0;
/* pull the ethernet header */ @@ -782,6 +783,18 @@ static uint16_t batadv_arp_get_type(struct batadv_priv *bat_priv, ipv4_is_zeronet(ip_dst) || ipv4_is_lbcast(ip_dst)) goto out;
+ hw_src = batadv_arp_hw_src(skb, hdr_size); + if (is_zero_ether_addr(hw_src) || is_multicast_ether_addr(hw_src)) + goto out; + + /* we don't care about the destination MAC address in ARP requests */ + if (arphdr->ar_op != htons(ARPOP_REQUEST)) { + hw_dst = batadv_arp_hw_dst(skb, hdr_size); + if (is_zero_ether_addr(hw_dst) || + is_multicast_ether_addr(hw_dst)) + goto out; + } + type = ntohs(arphdr->ar_op); out: return type;