VPC: CS-15813 - ICMP type and code validation

server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java

@@ -151,7 +151,20 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{
 
         if (protocol.equalsIgnoreCase(NetUtils.ICMP_PROTO) && (portStart != null || portEnd != null)) {
             throw new InvalidParameterValueException("Can't specify start/end port when protocol is ICMP", null);
-        } 
+        }
+        
+        //validate icmp code and type
+        if (icmpType != null) {
+            if (!NetUtils.validateIcmpType(icmpType)) {
+                throw new InvalidParameterValueException("Invalid icmp type; should belong to [0-255] range", null);
+            }
+            if (icmpCode != null) {
+                if (!NetUtils.validateIcmpCode(icmpCode)) {
+                    throw new InvalidParameterValueException("Invalid icmp code; should belong to [0-15] range and can" +
+                            " be defined when icmpType belongs to [0-40] range", null);
+                }
+            }
+        }
 
         validateNetworkACL(caller, network, portStart, portEnd, protocol);
 

utils/src/com/cloud/utils/net/NetUtils.java

@@ -1147,4 +1147,24 @@ public class NetUtils {
         }
         return true;
     }
+    
+    public static boolean validateIcmpType(int icmpType) {
+        //Source - http://www.erg.abdn.ac.uk/~gorry/course/inet-pages/icmp-code.html
+        if(!(icmpType >=0 && icmpType <=255)) {
+            s_logger.warn("impcType is not within 0-255 range");
+            return false;
+        }
+        return true;
+    }
+    
+    public static boolean validateIcmpCode(int icmpCode) {
+        
+        //Source - http://www.erg.abdn.ac.uk/~gorry/course/inet-pages/icmp-code.html
+        if(!(icmpCode >=0 && icmpCode <=15)) {
+            s_logger.warn("Icmp code should be within 0-15 range");
+            return false;
+        }
+        
+        return true;
+    }
 }