icmpv6: truncate the packet to MTU

chayleaf · chayleaf · commit de4cced5237b · 2023-06-27T04:08:28.000+07:00
This follows RFC4443 section 2.4.
diff --git a/src/wire/icmpv6.rs b/src/wire/icmpv6.rs
@@ -10,6 +10,7 @@ use crate::wire::NdiscRepr;
 #[cfg(feature = "proto-rpl")]
 use crate::wire::RplRepr;
 use crate::wire::{IpAddress, IpProtocol, Ipv6Packet, Ipv6Repr};
+use crate::wire::{IPV6_HEADER_LEN, IPV6_MIN_MTU};
 
 enum_with_unknown! {
     /// Internet protocol control message type.
@@ -617,7 +618,20 @@ impl<'a> Repr<'a> {
         where
             T: AsRef<[u8]> + ?Sized,
         {
-            let ip_packet = Ipv6Packet::new_checked(packet.payload())?;
+            // The packet must be truncated to fit the min MTU. In case the packet is potentially
+            // truncated, only perform a basic sanity check to ensure the original header is
+            // still intact.
+            let ip_packet = if packet.buffer.as_ref().len() >= super::IPV6_MIN_MTU {
+                let ip_packet = Ipv6Packet::new_unchecked(packet.payload());
+
+                if packet.payload().len() < ip_packet.header_len() {
+                    return Err(Error);
+                }
+
+                ip_packet
+            } else {
+                Ipv6Packet::new_checked(packet.payload())?
+            };
 
             let payload = &packet.payload()[ip_packet.header_len()..];
             if payload.len() < 8 {
@@ -627,7 +641,7 @@ impl<'a> Repr<'a> {
                 src_addr: ip_packet.src_addr(),
                 dst_addr: ip_packet.dst_addr(),
                 next_header: ip_packet.next_header(),
-                payload_len: payload.len(),
+                payload_len: ip_packet.payload_len().into(),
                 hop_limit: ip_packet.hop_limit(),
             };
             Ok((payload, repr))
@@ -697,7 +711,15 @@ impl<'a> Repr<'a> {
             | &Repr::PktTooBig { header, data, .. }
             | &Repr::TimeExceeded { header, data, .. }
             | &Repr::ParamProblem { header, data, .. } => {
-                field::UNUSED.end + header.buffer_len() + data.len()
+                /* (c) Every ICMPv6 error message (type < 128) MUST include as much of
+                 *     the IPv6 offending (invoking) packet (the packet that caused the
+                 *     error) as possible without making the error message packet exceed
+                 *     the minimum IPv6 MTU [IPv6].
+                 */
+                cmp::min(
+                    field::UNUSED.end + header.buffer_len() + data.len(),
+                    IPV6_MIN_MTU - IPV6_HEADER_LEN,
+                )
             }
             &Repr::EchoRequest { data, .. } | &Repr::EchoReply { data, .. } => {
                 field::ECHO_SEQNO.end + data.len()
@@ -725,7 +747,8 @@ impl<'a> Repr<'a> {
             let mut ip_packet = Ipv6Packet::new_unchecked(buffer);
             header.emit(&mut ip_packet);
             let payload = &mut ip_packet.into_inner()[header.buffer_len()..];
-            payload.copy_from_slice(data);
+            let data_len = cmp::min(payload.len(), data.len());
+            payload[..data_len].copy_from_slice(&data[..data_len]);
         }
 
         match *self {
@@ -981,4 +1004,60 @@ mod test {
         );
         assert_eq!(&*packet.into_inner(), &PKT_TOO_BIG_BYTES[..]);
     }
+
+    #[test]
+    fn test_buffer_length_is_truncated_to_mtu() {
+        let repr = Repr::PktTooBig {
+            mtu: 1280,
+            header: Ipv6Repr {
+                src_addr: Default::default(),
+                dst_addr: Default::default(),
+                next_header: IpProtocol::Tcp,
+                hop_limit: 64,
+                payload_len: 1280,
+            },
+            data: &vec![0; 9999],
+        };
+        assert_eq!(repr.buffer_len(), 1280 - IPV6_HEADER_LEN);
+    }
+
+    #[test]
+    fn test_mtu_truncated_payload_roundtrip() {
+        let ip_packet_repr = Ipv6Repr {
+            src_addr: Default::default(),
+            dst_addr: Default::default(),
+            next_header: IpProtocol::Tcp,
+            hop_limit: 64,
+            payload_len: 1280,
+        };
+        let mut ip_packet = Ipv6Packet::new_unchecked(vec![0; 1280 + IPV6_HEADER_LEN]);
+        ip_packet_repr.emit(&mut ip_packet);
+
+        let repr1 = Repr::PktTooBig {
+            mtu: 1280,
+            header: ip_packet_repr,
+            // this is needed to make sure roundtrip gives the same value
+            // it is not needed for ensuring the correct bytes get emitted
+            data: &ip_packet.as_ref()[..1280 - field::HEADER_END - IPV6_HEADER_LEN],
+        };
+        let mut data = vec![0; 1280];
+        let mut packet = Packet::new_unchecked(&mut data);
+        repr1.emit(
+            &MOCK_IP_ADDR_1,
+            &MOCK_IP_ADDR_2,
+            &mut packet,
+            &ChecksumCapabilities::default(),
+        );
+
+        let packet = Packet::new_unchecked(&data);
+        let repr2 = Repr::parse(
+            &MOCK_IP_ADDR_1,
+            &MOCK_IP_ADDR_2,
+            &packet,
+            &ChecksumCapabilities::default(),
+        )
+        .unwrap();
+
+        assert_eq!(repr1, repr2);
+    }
 }
