From 99341a5cebe8db22a67cf0de503575ae5fb3ae62 Mon Sep 17 00:00:00 2001
From: Roy Marples <roy@marples.name>
Date: Tue, 22 Oct 2019 12:39:56 +0100
Subject: [PATCH] Linux: Validate RTM_DELADDR/RTM_NEWADDR messages for IPv6

To ensure that if messages lag, they can be ignored.
How to do similar without a heavy getifaddrs call for IPv4?
---
 src/if-linux.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/if-linux.c b/src/if-linux.c
index 3ee6c5c9..4fd5d265 100644
--- a/src/if-linux.c
+++ b/src/if-linux.c
@@ -634,6 +634,7 @@ link_addr(struct dhcpcd_ctx *ctx, struct interface *ifp, struct nlmsghdr *nlm)
 #endif
 #ifdef INET6
 	struct in6_addr addr6;
+	int flags;
 #endif
 
 	if (nlm->nlmsg_type != RTM_DELADDR && nlm->nlmsg_type != RTM_NEWADDR)
@@ -682,6 +683,8 @@ link_addr(struct dhcpcd_ctx *ctx, struct interface *ifp, struct nlmsghdr *nlm)
 			}
 			rta = RTA_NEXT(rta, len);
 		}
+
+		/* XXX how to validate command for address? */
 		ipv4_handleifa(ctx, nlm->nlmsg_type, NULL, ifp->name,
 		    &addr, &net, &brd, ifa->ifa_flags, (pid_t)nlm->nlmsg_pid);
 		break;
@@ -698,6 +701,18 @@ link_addr(struct dhcpcd_ctx *ctx, struct interface *ifp, struct nlmsghdr *nlm)
 			}
 			rta = RTA_NEXT(rta, len);
 		}
+
+		/* Validate RTM_DELADDR really means address deleted
+		 * and anything else really means address exists. */
+		flags = if_addrflags6(ifp, &addr6, NULL);
+		if (nlm->nlmsg_type == RTM_DELADDR) {
+			if (flags != -1)
+				break;
+		} else {
+			if (flags == -1)
+				break;
+		}
+
 		ipv6_handleifa(ctx, nlm->nlmsg_type, NULL, ifp->name,
 		    &addr6, ifa->ifa_prefixlen, ifa->ifa_flags,
 		    (pid_t)nlm->nlmsg_pid);
-- 
2.47.3