[riot-notifications] [RIOT-OS/RIOT] gnrc_tftp: initialize unititialized 'tftp_context_t' (#11773)

nmeum notifications at github.com
Wed Jul 3 16:05:31 CEST 2019


nmeum commented on this pull request.



> @@ -405,11 +405,14 @@ int gnrc_tftp_server(tftp_data_cb_t data_cb, tftp_start_cb_t start_cb, tftp_stop
     }
 
     /* context will be initialized when a connection is established */
-    tftp_context_t ctxt;
-    ctxt.data_cb = data_cb;
-    ctxt.start_cb = start_cb;
-    ctxt.stop_cb = stop_cb;
-    ctxt.enable_options = use_options;
+    tftp_context_t ctxt = {
+        .dst_port = GNRC_TFTP_DEFAULT_DST_PORT,
+        .src_port = GNRC_TFTP_DEFAULT_DST_PORT,
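
Review bot: On the `.src_port` line, the source port is initialized from `GNRC_TFTP_DEFAULT_DST_PORT`, the same constant used for `.dst_port` one line above, which reads like a copy-paste slip. If the server really is meant to start with both ports set to the default destination port, a short comment on that line should say so; otherwise use the source-port default. The retained comment "context will be initialized when a connection is established" should also be updated, since the initializer now sets the ports at declaration, before any connection exists.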

> If I leave it unconfigured, the testing procedure in #11772 runs into an assertion here […]

You did leave it unconfigured in your PR, right? Because doesn't this allow someone to crash a RIOT node running `gnrc_tftp` with `DEVELHELP = 1` by sending a crafted input?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/11773#discussion_r299974959