Skip to content

fix: validate ICMP ID per socket, fix dual-stack ID mismatch#15

Merged
gsnw-sebast merged 1 commit intomainfrom
fix-sockdgram
Mar 28, 2026
Merged

fix: validate ICMP ID per socket, fix dual-stack ID mismatch#15
gsnw-sebast merged 1 commit intomainfrom
fix-sockdgram

Conversation

@gsnw-sebast
Copy link
Copy Markdown
Contributor

@gsnw-sebast gsnw-sebast commented Mar 28, 2026

Fix three related bugs around ICMP echo identifier handling:

  1. recv_ping() did not filter incoming packets by expected ID.
    In SOCK_DGRAM mode the Linux kernel overwrites the ICMP identifier with
    the port number assigned by bind(), so a post-call check against a
    self-chosen process ID would silently discard all legitimate replies or
    accept replies from other processes.

  2. pinger.rs tracked a single my_id for both sockets via
    dgram_id4.or(dgram_id6). In dual-stack operation each SOCK_DGRAM socket
    receives its own independent kernel-assigned port; collapsing them into
    one value caused all IPv6 echo replies to be rejected because their
    assigned ID differed from the IPv4 one stored in my_id.

  3. build_icmp_packet() was called with the now-removed shared my_id
    instead of the per-address-family ID, so sent packets already carried
    the wrong identifier before any reply was received.

@gsnw-sebast gsnw-sebast merged commit e1d68d1 into main Mar 28, 2026
2 checks passed
@gsnw-sebast gsnw-sebast deleted the fix-sockdgram branch March 28, 2026 11:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gsnw-sebast