[lwip-devel] Use of LWIP

lwip-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-devel] Use of LWIP_ERROR in dhcp.c

From:	Craig McQueen
Subject:	[lwip-devel] Use of LWIP_ERROR in dhcp.c
Date:	Thu, 7 Feb 2019 05:05:17 +0000

I see in dhcp.c, there is use of LWIP_ERROR when checking values in the DHCP 
message from the server. Eg in dhcp_parse_reply():

    LWIP_ERROR("len == 4", len == 4, return ERR_VAL;);

But LWIP_ERROR() is equivalent to an assert(), and will cause an infinite loop 
(and probably watchdog reset). So LWIP_ERROR() isn't suitable to use when 
parsing protocol data, is it? Otherwise, an attacker could cause a system reset 
by sending malformed data to the device.

-- 
Craig McQueen

[Prev in Thread]

Current Thread

[Next in Thread]

[lwip-devel] Use of LWIP_ERROR in dhcp.c, Craig McQueen <=
- Re: [lwip-devel] Use of LWIP_ERROR in dhcp.c, goldsimon, 2019/02/07
  - Re: [lwip-devel] Use of LWIP_ERROR in dhcp.c, Craig McQueen, 2019/02/08

Prev by Date: Re: [lwip-devel] [PATCH v2] PPP, PPPoE: Use service name and concentrator name
Next by Date: Re: [lwip-devel] Use of LWIP_ERROR in dhcp.c
Previous by thread: Re: [lwip-devel] [PATCH v2] PPP, PPPoE: Use service name and concentrator name
Next by thread: Re: [lwip-devel] Use of LWIP_ERROR in dhcp.c
Index(es):
- Date
- Thread