From e7cb80474d4e580f7cc7c8645e1412e4a59f7588 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 22 Feb 2024 13:59:57 +0900
Subject: [PATCH 1/2] sd-ndisc: disable timer event source only when a valid RA
 received

Fixes #31439.
---
 src/libsystemd-network/sd-ndisc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/libsystemd-network/sd-ndisc.c b/src/libsystemd-network/sd-ndisc.c
index 0b5626670b..9b2635ae1c 100644
--- a/src/libsystemd-network/sd-ndisc.c
+++ b/src/libsystemd-network/sd-ndisc.c
@@ -196,6 +196,8 @@ static int ndisc_handle_datagram(sd_ndisc *nd, sd_ndisc_router *rt) {
         if (r < 0)
                 return r;
 
+        (void) event_source_disable(nd->timeout_event_source);
+
         log_ndisc(nd, "Received Router Advertisement: flags %s preference %s lifetime %s",
                   rt->flags & ND_RA_FLAG_MANAGED ? "MANAGED" : rt->flags & ND_RA_FLAG_OTHER ? "OTHER" : "none",
                   rt->preference == SD_NDISC_PREFERENCE_HIGH ? "high" : rt->preference == SD_NDISC_PREFERENCE_LOW ? "low" : "medium",
@@ -253,7 +255,6 @@ static int ndisc_recv(sd_event_source *s, int fd, uint32_t revents, void *userda
         if (in6_addr_is_null(&rt->address))
                 log_ndisc(nd, "Received RA from null address. Ignoring.");
 
-        (void) event_source_disable(nd->timeout_event_source);
         (void) ndisc_handle_datagram(nd, rt);
         return 0;
 }

From 189eeddaecb40881c3a86f263085b972ed2dc08b Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 22 Feb 2024 14:33:29 +0900
Subject: [PATCH 2/2] sd-ndisc: actually refuse RA message from null address

---
 src/libsystemd-network/sd-ndisc.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/libsystemd-network/sd-ndisc.c b/src/libsystemd-network/sd-ndisc.c
index 9b2635ae1c..ac31d212e3 100644
--- a/src/libsystemd-network/sd-ndisc.c
+++ b/src/libsystemd-network/sd-ndisc.c
@@ -252,8 +252,10 @@ static int ndisc_recv(sd_event_source *s, int fd, uint32_t revents, void *userda
 
         /* The function icmp6_receive() accepts the null source address, but RFC 4861 Section 6.1.2 states
          * that hosts MUST discard messages with the null source address. */
-        if (in6_addr_is_null(&rt->address))
-                log_ndisc(nd, "Received RA from null address. Ignoring.");
+        if (in6_addr_is_null(&rt->address)) {
+                log_ndisc(nd, "Received an ICMPv6 packet from null address, ignoring.");
+                return 0;
+        }
 
         (void) ndisc_handle_datagram(nd, rt);
         return 0;