chiark / gitweb /
netlink: Set "unused" in ICMP header (SECURITY)
Previously, the "unused" field in our ICMP messages was left
uninitialised (!)
This is a security problem, at least in principle, as the field would
as a result contain bits of previous packets. In practice, the
information leaked could be IP options, TCP ports and sequence
numbers, or UDP ports, length and/or checksum, or similar information
for other protocols, so the impact is limited.
Set the field to 0. Also, make provision for netlink_icmp_simple's
callers to be able to specify a different value, if desired.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>