Follow-up Comment #3, bug #66058 (group lwip):
[comment #2 comment #2:]
There is an error in the calculation of the amount of timers needed,
LWIP_NUM_SYS_TIMEOUT_INTERNAL. It fails to include a timer for DHCPv6 if it
is requested. It is used as a default value for MEMP_NUM_SYS_TIMEOUT so if it
is not overridden the amount of timers needed is too low and the assert will
occur.
Please see if error still occurs with attached patch. In any case the patch
should be pushed.
(file #56673)
Thank you for the update. I downloaded the latest version and tested it with
the data generated by AFL. The issue is resolved with the patch applied, and
no crashes were observed.
Could this issue potentially qualify for a CVE?
_______________________________________________________
Reply to this item at:
<https://savannah.nongnu.org/bugs/?66058>
_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
_______________________________________________
lwip-devel mailing list
lwip-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/lwip-devel