Sören Tempel f073dcdb3d gnrc_dhcpv6_client: Fix out-of-bounds access during option parsing ... The _parse_reply function iterates over the DHCPv6 message options twice but only performs sanity checks on the option length in the first iteration. As such, both loop iterations need to be identical. Unfortunately, there aren't without this commit as (1) they use different maximum length values and (2) the first iteration stops parsing as soon as it encounters a zero option while the second doesn't. As such, it is possible for out-of-bounds read to be performed by the second loop iteration. This commit fixes this.		2022-07-11 22:55:33 +02:00
..
_dhcpv6.h	sys/net/dhcpv6: Implement stateless DHCPv6	2021-10-04 17:40:56 +02:00
client_dns.c	dhcpv6_client: add DNS recursive name server option handling	2021-06-24 16:01:59 +02:00
client.c	gnrc_dhcpv6_client: Fix out-of-bounds access during option parsing	2022-07-11 22:55:33 +02:00
Kconfig	Merge pull request #16228 from JKRhb/dhcp-ia-na	2021-08-11 20:50:01 +02:00
Makefile	dhcpv6: provide initial client implementation	2020-01-16 12:36:03 +01:00
relay.c	dhcpv6_relay: initial import of a lightweight DHCPv6 relay agent	2021-08-11 13:19:06 +02:00