From: Steve Chew (stechew) <stechew@cisco.com>
Date: Tue, 11 Jun 2019 18:45:06 +0000 (-0400)
Subject: Merge pull request #1635 in SNORT/snort3 from ~SBAIGAL/snort3:icmp_u2log_fix to master
X-Git-Tag: 3.0.0-257~12
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0d71d1daae52e413e9653ae1207c38281b567de7;p=thirdparty%2Fsnort3.git

Merge pull request #1635 in SNORT/snort3 from ~SBAIGAL/snort3:icmp_u2log_fix to master

Squashed commit of the following:

commit 4aadd43f4a78c1e78ef2c1847098f090b6502108
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Fri Jun 7 15:51:43 2019 -0400

    icmp4: verify checksum before the type validation
---

diff --git a/src/codecs/ip/cd_icmp4.cc b/src/codecs/ip/cd_icmp4.cc
index 77cf4bb4d..fb944fda0 100644
--- a/src/codecs/ip/cd_icmp4.cc
+++ b/src/codecs/ip/cd_icmp4.cc
@@ -134,6 +134,18 @@ bool Icmp4Codec::decode(const RawData& raw, CodecData& codec,DecodeData& snort)
     const ICMPHdr* const icmph = reinterpret_cast<const ICMPHdr*>(raw.data);
     uint16_t len = 0;
 
+    if (SnortConfig::icmp_checksums())
+    {
+        uint16_t csum = checksum::cksum_add((const uint16_t*)icmph, raw.len);
+
+        if (csum && !codec.is_cooked())
+        {
+            stats.bad_ip4_cksum++;
+            snort.decode_flags |= DECODE_ERR_CKSUM_ICMP;
+            return false;
+        }
+    }
+
     switch (icmph->type)
     {
     // fall through ...
@@ -178,18 +190,6 @@ bool Icmp4Codec::decode(const RawData& raw, CodecData& codec,DecodeData& snort)
         break;
     }
 
-    if (SnortConfig::icmp_checksums())
-    {
-        uint16_t csum = checksum::cksum_add((const uint16_t*)icmph, raw.len);
-
-        if (csum && !codec.is_cooked())
-        {
-            stats.bad_ip4_cksum++;
-            snort.decode_flags |= DECODE_ERR_CKSUM_ICMP;
-            return false;
-        }
-    }
-
     len =  icmp::ICMP_BASE_LEN;
 
     switch (icmph->type)