From 8d39b1a152292b192e5a8bb43102f1c48836b1f7 Mon Sep 17 00:00:00 2001
From: fbernon <fbernon>
Date: Sun, 30 Dec 2007 01:09:11 +0000
Subject: [PATCH] ip.c: Fix bug #21846 "LwIP doesn't appear to perform any IP
 Source Address Filtering" reported by Tom Evans.

---
 CHANGELOG          |  4 ++++
 src/core/ipv4/ip.c | 23 +++++++++++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/CHANGELOG b/CHANGELOG
index 15f7dd21..714a27b4 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -19,6 +19,10 @@ HISTORY
 
   ++ New features:
 
+  2007-12-31 Frédéric Bernon, Tom Evans
+  * ip.c: Fix bug #21846 "LwIP doesn't appear to perform any IP Source Address
+    Filtering" reported by Tom Evans.
+
   2007-12-21 Frédéric Bernon, Simon Goldschmidt, Jonathan Larmour
   * tcp.h, opt.h, api.h, api_msg.h, tcp.c, tcp_in.c, api_lib.c, api_msg.c,
     sockets.c, init.c: task #7252: Implement TCP listen backlog: Warning: raw API
diff --git a/src/core/ipv4/ip.c b/src/core/ipv4/ip.c
index e59a71f1..8165cd69 100644
--- a/src/core/ipv4/ip.c
+++ b/src/core/ipv4/ip.c
@@ -178,6 +178,9 @@ ip_input(struct pbuf *p, struct netif *inp)
   struct ip_hdr *iphdr;
   struct netif *netif;
   u16_t iphdrlen;
+#if LWIP_DHCP
+  int   ipsrcchecking=1;
+#endif /* LWIP_DHCP */
 
   IP_STATS_INC(ip.recv);
   snmp_inc_ipinreceives();
@@ -193,6 +196,7 @@ ip_input(struct pbuf *p, struct netif *inp)
     snmp_inc_ipinhdrerrors();
     return ERR_OK;
   }
+
   /* obtain IP header length in number of 32-bit words */
   iphdrlen = IPH_HL(iphdr);
   /* calculate IP header length in bytes */
@@ -288,10 +292,29 @@ ip_input(struct pbuf *p, struct netif *inp)
       if (ntohs(((struct udp_hdr *)((u8_t *)iphdr + iphdrlen))->dest) == DHCP_CLIENT_PORT) {
         LWIP_DEBUGF(IP_DEBUG | LWIP_DBG_TRACE | 1, ("ip_input: DHCP packet accepted.\n"));
         netif = inp;
+        ipsrcchecking = 0;
       }
     }
   }
 #endif /* LWIP_DHCP */
+
+  /* broadcast or multicast packet source address? Compliant with RFC 1122: 3.2.1.3 */
+#if LWIP_DHCP
+  if (ipsrcchecking)
+#endif /* LWIP_DHCP */
+  {  if ((ip_addr_isbroadcast(&(iphdr->src), inp)) ||
+         (ip_addr_ismulticast(&(iphdr->src)))) {
+      /* packet source is not valid */
+      LWIP_DEBUGF(IP_DEBUG | LWIP_DBG_TRACE | 1, ("ip_input: packet source is not valid.\n"));
+      /* free (drop) packet pbufs */
+      pbuf_free(p);
+      IP_STATS_INC(ip.drop);
+      snmp_inc_ipinaddrerrors();
+      snmp_inc_ipindiscards();
+      return ERR_OK;
+    }
+  }
+
   /* packet not for us? */
   if (netif == NULL) {
     /* packet not for us, route or discard */