From 4709d21df845222aa5aa6dfe91bf82a3bd09b1cc Mon Sep 17 00:00:00 2001
From: GUVWAF <78759985+GUVWAF@users.noreply.github.com>
Date: Thu, 20 Feb 2025 21:34:09 +0100
Subject: [PATCH] Ignore and disallow multi-hop traceroutes destined to broadcast address (#6109)
* Ignore traceroutes destined to broadcast address
* Disallow multi-hop traceroute request to broadcast address
* Allow zero-hop broadcast requests
---
 src/mesh/PhoneAPI.cpp | 5 +++++
 src/modules/TraceRouteModule.cpp | 6 ++++++
 2 files changed, 11 insertions(+)
diff --git a/src/mesh/PhoneAPI.cpp b/src/mesh/PhoneAPI.cpp
index 6789acbb3..699e6e0e4 100644
--- a/src/mesh/PhoneAPI.cpp
+++ b/src/mesh/PhoneAPI.cpp
@@ -643,6 +643,11 @@ bool PhoneAPI::handleToRadioPacket(meshtastic_MeshPacket &p)
 meshtastic_QueueStatus qs = router->getQueueStatus();
 service->sendQueueStatusToPhone(qs, 0, p.id);
 return false;
+ } else if (p.decoded.portnum == meshtastic_PortNum_TRACEROUTE_APP && isBroadcast(p.to) && p.hop_limit > 0) {
+ sendNotification(meshtastic_LogRecord_Level_WARNING, p.id, "Multi-hop traceroute to broadcast address is not allowed");
+ meshtastic_QueueStatus qs = router->getQueueStatus();
+ service->sendQueueStatusToPhone(qs, 0, p.id);
+ return false;
 } else if (p.decoded.portnum == meshtastic_PortNum_POSITION_APP && lastPortNumToRadio[p.decoded.portnum] && Throttle::isWithinTimespanMs(lastPortNumToRadio[p.decoded.portnum], FIVE_SECONDS_MS)) {
 LOG_WARN("Rate limit portnum %d", p.decoded.portnum);
diff --git a/src/modules/TraceRouteModule.cpp b/src/modules/TraceRouteModule.cpp
index 79b14de0a..e9aaf9d30 100644
--- a/src/modules/TraceRouteModule.cpp
+++ b/src/modules/TraceRouteModule.cpp
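Review bot: The new `else if` branch for `meshtastic_PortNum_TRACEROUTE_APP` in PhoneAPI.cpp rejects the packet without a device-side log line, unlike the rate-limit branch right below it, which calls `LOG_WARN`. Adding `LOG_WARN("Reject multi-hop broadcast traceroute from phone");` before `sendNotification(...)` would leave a trace on the node when a client keeps retrying. The branch also only filters packets that enter through PhoneAPI, so it is local policy rather than the enforcement point for the mesh; a comment such as `// Local policy only: requests from other nodes are filtered in TraceRouteModule::allocReply()` would make that explicit. handleToRadioPacket starts and ends outside the hunk, so whether `p.decoded` is known to be populated at this point cannot be confirmed from here.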
@@ -150,6 +150,12 @@ meshtastic_MeshPacket *TraceRouteModule::allocReply()
 {
 assert(currentRequest);
+ // Ignore multi-hop broadcast requests
+ if (isBroadcast(currentRequest->to) && currentRequest->hop_limit < currentRequest->hop_start) {
+ ignoreRequest = true;
+ return NULL;
+ }
+ // Copy the payload of the current request
 auto req = *currentRequest;
 const auto &p = req.decoded;
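Review bot: The guard `currentRequest->hop_limit < currentRequest->hop_start` relies on `hop_start`, a header field filled in by the originating node, so a request that arrives with `hop_start` at 0 never satisfies it and a relayed broadcast traceroute would still be answered. If `hop_start` can be 0 on received packets (unset by the sender; worth confirming against the packet definition), handle that case explicitly, for example `const bool relayed = currentRequest->hop_start ? currentRequest->hop_limit < currentRequest->hop_start : currentRequest->hop_limit > 0;` and test `relayed` in the `if`; note this would also skip replies to direct broadcast requests from such senders when they carry a non-zero hop limit. The comment could state the reason as well, e.g. `// Ignore relayed broadcast requests so that not every node in range of a relay sends a reply`, which is presumably the intent. allocReply's body continues past the end of the hunk.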