packet: Better validate parameters to constructors better icmp

According to RFC 4884 (which supersedes RFC 792), the Destination
Unreachable and Time Exceeded ICMP message get a new “length” field.
This length field, for ICMPv4, is interpreted in 32 bit units.

In the constructor, we cannot validate that the length specified
matches the length of the data passed; the length may need to be
larger (in 32 bit units) in order to accommodate the data that is
actually being sent.  We *should*, however, ensure that the data_len
parameter passed fits into a single byte.

It may make sense to document the fact that the length is specified 32
bit units, for when users of the icmp class get a ValueError back
from these constructors.

Signed-off-by: Victor J. Orlikowski <vjo@duke.edu>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>

ryu/lib/packet/icmp.py

@@ -214,7 +214,12 @@ class dest_unreach(stringify.StringifyMixin):
 
     def __init__(self, data_len=0, mtu=0, data=None):
         super(dest_unreach, self).__init__()
-        self.data_len = data_len
+
+        if ((data_len >= 0) and (data_len <= 255)):
+            self.data_len = data_len
+        else:
+            raise ValueError('Specified data length (%d) is invalid.' % data_len)
+
         self.mtu = mtu
         self.data = data
 
@@ -273,7 +278,11 @@ class TimeExceeded(stringify.StringifyMixin):
     _MIN_LEN = struct.calcsize(_PACK_STR)
 
     def __init__(self, data_len=0, data=None):
-        self.data_len = data_len
+        if ((data_len >= 0) and (data_len <= 255)):
+            self.data_len = data_len
+        else:
+            raise ValueError('Specified data length (%d) is invalid.' % data_len)
+
         self.data = data
 
     @classmethod