Ignore NodeInfos from Users with forged MAC addresses

2025-06-08 14:12:05 +00:00 · 2025-05-30 06:40:58 -05:00 · 2025-05-30 06:40:58 -05:00 · abd0a5d4cd
commit abd0a5d4cd
parent f9d4fdbb52
2 changed files with 41 additions and 1 deletions
--- a/src/modules/NodeInfoModule.cpp
+++ b/src/modules/NodeInfoModule.cpp
@ -6,10 +6,45 @@
 #include "Router.h"
 #include "configuration.h"
 #include "main.h"
+#include "mesh/mesh-pb-constants.h"
 #include <Throttle.h>

 NodeInfoModule *nodeInfoModule;

+ProcessMessage NodeInfoModule::handleReceived(const meshtastic_MeshPacket &mp)
+{
+    if (mp.which_payload_variant != meshtastic_MeshPacket_decoded_tag || mp.decoded.portnum != ourPortNum) {
+        // Not for us, or not decoded, so skip
+        return ProcessMessage::CONTINUE;
+    }
+    // Decode the protobuf payload into a meshtastic_User
+    meshtastic_User p = meshtastic_User_init_default;
+    if (!pb_decode_from_bytes(mp.decoded.payload.bytes, mp.decoded.payload.size, &meshtastic_User_msg, &p)) {
+        LOG_ERROR("Failed to decode NodeInfo protobuf. Ignoring packet.");
+        return ProcessMessage::STOP;
+    }
+    // Validate that the nodenum matches the user's macaddr
+    NodeNum senderNodeNum = getFrom(&mp);
+
+    if (senderNodeNum != nodeDB->getNodeNum()) {
+        // Calculate expected nodenum from macaddr (same logic as pickNewNodeNum)
+        NodeNum expectedNodeNum = (p.macaddr[2] << 24) | (p.macaddr[3] << 16) | (p.macaddr[4] << 8) | p.macaddr[5];
+
+        if (senderNodeNum != expectedNodeNum) {
+            LOG_WARN(
+                "Dropping NodeInfo packet: nodenum 0x%08x doesn't match expected 0x%08x from MAC %02x:%02x:%02x:%02x:%02x:%02x",
+                senderNodeNum, expectedNodeNum, p.macaddr[0], p.macaddr[1], p.macaddr[2], p.macaddr[3], p.macaddr[4],
+                p.macaddr[5]);
+            // Cancel the sending of this packet and stop processing it
+            if (router)
+                router->cancelSending(mp.from, mp.id);
+            return ProcessMessage::STOP;
+        }
+    }
+
+    return ProcessMessage::CONTINUE;
+}
+
 bool NodeInfoModule::handleReceivedProtobuf(const meshtastic_MeshPacket &mp, meshtastic_User *pptr)
 {
    auto p = *pptr;
--- a/src/modules/NodeInfoModule.h
+++ b/src/modules/NodeInfoModule.h
@ -25,11 +25,16 @@ class NodeInfoModule : public ProtobufModule<meshtastic_User>, private concurren

  protected:
    /** Called to handle a particular incoming message
-
    @return true if you've guaranteed you've handled this message and no other handlers should be considered for it
    */
    virtual bool handleReceivedProtobuf(const meshtastic_MeshPacket &mp, meshtastic_User *p) override;

+    /** Called to handle a particular incoming message and continue or stop processing
+     * @return ProcessMessage::STOP if you've guaranteed you've handled this message and no other handlers should be considered
+     * for it
+     */
+    virtual ProcessMessage handleReceived(const meshtastic_MeshPacket &mp) override;
+
    /** Messages can be received that have the want_response bit set.  If set, this callback will be invoked
     * so that subclasses can (optionally) send a response back to the original sender.  */
    virtual meshtastic_MeshPacket *allocReply() override;