Merge pull request #1635 in SNORT/snort3 from ~SBAIGAL/snort3:icmp_u2log_fix to master

Squashed commit of the following:

commit 4aadd43f4a78c1e78ef2c1847098f090b6502108
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Fri Jun 7 15:51:43 2019 -0400

    icmp4: verify checksum before the type validation

diff --git a/src/codecs/ip/cd_icmp4.cc b/src/codecs/ip/cd_icmp4.cc
index 77cf4bb4de2908d4b122cf85f0d22823ae441542..fb944fda001fe48fe3deba25dbb93a0d19abf2c4 100644 (file)
--- a/src/codecs/ip/cd_icmp4.cc
+++ b/src/codecs/ip/cd_icmp4.cc
@@ -134,6 +134,18 @@ bool Icmp4Codec::decode(const RawData& raw, CodecData& codec,DecodeData& snort)
     const ICMPHdr* const icmph = reinterpret_cast<const ICMPHdr*>(raw.data);
     uint16_t len = 0;
 
+    if (SnortConfig::icmp_checksums())
+    {
+        uint16_t csum = checksum::cksum_add((const uint16_t*)icmph, raw.len);
+
+        if (csum && !codec.is_cooked())
+        {
+            stats.bad_ip4_cksum++;
+            snort.decode_flags |= DECODE_ERR_CKSUM_ICMP;
+            return false;
+        }
+    }
+
     switch (icmph->type)
     {
     // fall through ...
@@ -178,18 +190,6 @@ bool Icmp4Codec::decode(const RawData& raw, CodecData& codec,DecodeData& snort)
         break;
     }
 
-    if (SnortConfig::icmp_checksums())
-    {
-        uint16_t csum = checksum::cksum_add((const uint16_t*)icmph, raw.len);
-
-        if (csum && !codec.is_cooked())
-        {
-            stats.bad_ip4_cksum++;
-            snort.decode_flags |= DECODE_ERR_CKSUM_ICMP;
-            return false;
-        }
-    }
-
     len =  icmp::ICMP_BASE_LEN;
 
     switch (icmph->type)