drop incoming udp packet with dst port = 0. it seems to be illegal

based on RFC768. commit for other OSes will follow.
kame · Jan 7, 2000 · ffdd061 · ffdd061
1 parent dc43040
commit ffdd061
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 0 deletions.
diff --git a/kame/sys/netinet6/udp6_usrreq.c b/kame/sys/netinet6/udp6_usrreq.c
@@ -199,6 +199,10 @@ udp6_input(mp, offp, proto)
 		goto bad;
 	}
 
+	/* destination port of 0 is illegal, based on RFC768. */
+	if (uh->uh_dport == 0)
+		goto bad;
+
 	/* Be proactive about malicious use of IPv4 mapped address */
 	if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
 	    IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {

diff --git a/netbsd/sys/netinet/udp_usrreq.c b/netbsd/sys/netinet/udp_usrreq.c
@@ -218,6 +218,10 @@ udp_input(m, va_alist)
 	}
 #endif
 
+	/* destination port of 0 is illegal, based on RFC768. */
+	if (uh->uh_dport == 0)
+		goto bad;
+
 	/*
 	 * Make mbuf data length reflect UDP length.
 	 * If not enough data to reflect UDP length, drop.
@@ -375,6 +379,10 @@ udp6_input(mp, offp, proto)
 		goto bad;
 	}
 
+	/* destination port of 0 is illegal, based on RFC768. */
+	if (uh->uh_dport == 0)
+		goto bad;
+
 	/* Be proactive about malicious use of IPv4 mapped address */
 	if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
 	    IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {
@@ -926,6 +934,10 @@ udp_input(m, va_alist)
 	}
 	uh = (struct udphdr *)((caddr_t)ip + iphlen);
 
+	/* destination port of 0 is illegal, based on RFC768. */
+	if (uh->uh_dport == 0)
+		goto bad;
+
 	/*
 	 * Make mbuf data length reflect UDP length.
 	 * If not enough data to reflect UDP length, drop.