[riot-notifications] [RIOT-OS/RIOT] examples / tests: return value of `gnrc_netif_hdr_build()` not checked in udp.c (#11631)

Martine Lenders notifications at github.com
Tue Jun 4 18:41:38 CEST 2019


<!--
====================================
IF YOUR ISSUE IS RELATED TO SECURITY
====================================
please submit it to the security mailing-list security at riot-os.org.

If your issue is a question related to the usage of RIOT, please submit it to
the user mailing-list users at riot-os.org or to the developer mailing-list
devel at riot-os.org.
-->

#### Description
This is an error that was copied over multiple applications, this is why I can't fix it right now, but I wanted to report it.

The return value of `gnrc_netif_hdr_build()` is not checked in most versions of the `udp send` for GNRC I came across. This results in the node to crash if the packet happens to have a very large payload https://github.com/RIOT-OS/RIOT/blob/6b582fd5d0ad95b1b5b856b89c3d25e454cff1b3/examples/gnrc_networking/udp.c#L90-L93
<!--
Example: Cannot build gnrc_networking application for samr21-xpro board.
-->

#### Steps to reproduce the issue
Merge #11623 and build any application containing `udp.c` with `USEMODULE=gnrc_ipv6_ext_frag` (preferably one that can send large payloads like `tests/gnrc_udp`). Then send a packet that is just big enough to allow for allocation of the payload, the IPv6 header and UDP header.

```
udp send fe80::2806:1aff:fedd:f6d8 20908 6000
```

Probably also works with `slipdev` as device, but I did not test that.
<!--
Try to describe as precisely as possible here the steps required to reproduce
the issue. Here you can also describe your hardware configuration, the network
setup, etc.
-->

#### Expected results
The packet should not be send, an error message like e.g.

```
Error: unable to allocate NETIF header
```

should be printed.
<!--
Example: The gnrc_networking application builds on samr21-xpro.
-->

#### Actual results
The node crashes due to a NULL pointer dereference.
<!--
Please paste or specifically describe the actual output.
-->

#### Versions
Current master (https://github.com/RIOT-OS/RIOT/commit/6b582fd5d0ad95b1b5b856b89c3d25e454cff1b3) with #11623.
<!--
Operating system: Mac OSX, Linux, Vagrant VM
Build environment: GCC, CLang versions (you can run the following command from
the RIOT base directory: make print-versions).
-->

<!-- Thanks for contributing! -->


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/issues/11631
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190604/458f1c42/attachment.html>


More information about the notifications mailing list