From d719413b10093766cf7da0cd7c806fe70cae3ebf Mon Sep 17 00:00:00 2001
From: kellyyeh <kellyyeh@microsoft.com>
Date: Sat, 2 Apr 2022 00:05:00 +0000
Subject: [PATCH] Add dhcpv6 option check

---
 src/dhcp6relay/src/relay.cpp | 25 ++++++++++++++++++++++++-
 src/dhcp6relay/src/relay.h   |  1 +
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/src/dhcp6relay/src/relay.cpp b/src/dhcp6relay/src/relay.cpp
index 234646c1fb74..54fe075d0c0f 100644
--- a/src/dhcp6relay/src/relay.cpp
+++ b/src/dhcp6relay/src/relay.cpp
@@ -609,21 +609,44 @@ void callback(evutil_socket_t fd, short event, void *arg) {
     current_position = tmp;
 
     auto msg = parse_dhcpv6_hdr(current_position);
+    auto option_position = current_position + sizeof(struct dhcpv6_msg);
+
     counters[msg->msg_type]++;
     std::string counterVlan = counter_table;
     update_counter(config->db, counterVlan.append(config->interface), msg->msg_type);
 
+    if(msg->msg_type != DHCPv6_MESSAGE_TYPE_RELAY_FORW) {
+        while (option_position - message_buffer < len) {
+            auto option = parse_dhcpv6_opt(option_position, &tmp);
+            option_position = tmp;
+            if(ntohs(option->option_code) > 56) {   // DHCPv6 option code greater than 56 are currently unassigned
+                syslog(LOG_INFO, "DHCPv6 option is invalid or contains malformed payload\n");
+                return;
+            }
+        }
+    }
+
     switch (msg->msg_type) {
         case DHCPv6_MESSAGE_TYPE_RELAY_FORW:
         {
             relay_relay_forw(config->local_sock, current_position, ntohs(udp_header->len) - sizeof(udphdr), ip_header, config);
             break;
         }
-        default:
+        case DHCPv6_MESSAGE_TYPE_SOLICIT:
+        case DHCPv6_MESSAGE_TYPE_REQUEST: 
+        case DHCPv6_MESSAGE_TYPE_RENEW:
+        case DHCPv6_MESSAGE_TYPE_REBIND:
+        case DHCPv6_MESSAGE_TYPE_RELEASE:
+        case DHCPv6_MESSAGE_TYPE_DECLINE:
         {
             relay_client(config->local_sock, current_position, ntohs(udp_header->len) - sizeof(udphdr), ip_header, ether_header, config);
             break;
         }
+        default:
+        {
+            syslog(LOG_INFO, "DHCPv6 client message received was not relayed\n");
+            break;
+        }
     }
 }
 
diff --git a/src/dhcp6relay/src/relay.h b/src/dhcp6relay/src/relay.h
index c224a9b28630..b85a68ef32d8 100644
--- a/src/dhcp6relay/src/relay.h
+++ b/src/dhcp6relay/src/relay.h
@@ -58,6 +58,7 @@ struct relay_config {
 
 struct dhcpv6_msg {
     uint8_t msg_type;
+    uint8_t xid[3];
 };
 
 struct PACKED dhcpv6_relay_msg {