Skip to content

Insufficient validation of responses #8

New issue
New issue
Open
Open
Insufficient validation of responses#8
@lyricnz

Description

@lyricnz
lyricnz
opened on Jan 13, 2023

This code uses a UDP request-response pattern, but the response is not validated to be one that matches the request. The code should be checking:

  • sequence number in response matches the request
  • the host_mac in response matches the request
  • responses are not duplicates (can happen if machine has >1 NIC on the same network - eg ethernet + wifi)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions