From 2c440c9f176da6e8e80ced0bf68279f14f5d2e0f Mon Sep 17 00:00:00 2001
From: Sunil Nimmagadda <sunil@nimmagadda.net>
Date: Tue, 1 Jul 2025 23:44:02 +0530
Subject: Check for invalid IP count.

---
 src/vrrpv2.rs | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'src')

diff --git a/src/vrrpv2.rs b/src/vrrpv2.rs
index bcb2315..4e53b20 100644
--- a/src/vrrpv2.rs
+++ b/src/vrrpv2.rs
@@ -44,6 +44,7 @@ pub struct VRRPv2 {
 pub enum VRRPv2Error {
     InvalidAuthType,
     InvalidChecksum,
+    InvalidIPCount,
     InvalidTTL,
     InvalidType,
     InvalidVersion,
@@ -55,6 +56,7 @@ impl std::fmt::Display for VRRPv2Error {
         match self {
             Self::InvalidAuthType => write!(f, "Invalid Auth Type"),
             Self::InvalidChecksum => write!(f, "Invalid Checksum"),
+            Self::InvalidIPCount => write!(f, "Invalid IP Count"),
             Self::InvalidTTL => write!(f, "Invalid TTL"),
             Self::InvalidType => write!(f, "Invalid Type"),
             Self::InvalidVersion => write!(f, "Invalid Version"),
@@ -144,6 +146,9 @@ fn parse(bytes: &[u8]) -> Result<VRRPv2, VRRPv2Error> {
     let virtual_router_id = rdr.read_u8()?;
     let priority = rdr.read_u8()?;
     let count_ip_addrs = rdr.read_u8()?;
+    if count_ip_addrs == 0 {
+        return Err(VRRPv2Error::InvalidIPCount);
+    }
     let auth_type = rdr.read_u8()?;
     let auth_type = match auth_type {
         0 => AuthType::NoAuth,
@@ -258,6 +263,15 @@ fn test_invalid_checksum() {
     assert_eq!(from_bytes(&bytes), Err(VRRPv2Error::InvalidChecksum));
 }
 
+#[test]
+fn test_invalid_ipcount() {
+    let bytes = [
+        0x21, 0x2a, 0x64, 0x0, 0x0, 0x1, 0xaa, 0x29, 0xc0, 0xa8, 0x0, 0x1, 0x0,
+        0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
+    ];
+    assert_eq!(from_bytes(&bytes), Err(VRRPv2Error::InvalidIPCount));
+}
+
 #[test]
 fn test_checksum() {
     let bytes = [0x00, 0x01, 0xf2, 0x03, 0xf4, 0xf5, 0xf6, 0xf7];
-- 
cgit v1.2.3