From e0c4ebfe122f8bc75cefeb881524db168ef6eb0b Mon Sep 17 00:00:00 2001 From: krzysztof-cabaj Date: Sat, 16 Sep 2023 12:20:21 -0400 Subject: [PATCH] sys/shell/ping: add protection from icmp packet overflow --- sys/shell/cmds/gnrc_icmpv6_echo.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/sys/shell/cmds/gnrc_icmpv6_echo.c b/sys/shell/cmds/gnrc_icmpv6_echo.c index 3c1c3776f68a1..784f8f4705343 100644 --- a/sys/shell/cmds/gnrc_icmpv6_echo.c +++ b/sys/shell/cmds/gnrc_icmpv6_echo.c @@ -172,6 +172,7 @@ static int _configure(int argc, char **argv, _ping_data_t *data) { char *cmdname = argv[0]; int res = 1; + int value; /* parse command line arguments */ for (int i = 1; i < argc; i++) { @@ -207,7 +208,13 @@ static int _configure(int argc, char **argv, _ping_data_t *data) /* intentionally falls through */ case 's': if ((++i) < argc) { - data->datalen = atoi(argv[i]); + value = atoi(argv[i]); + + if(value < 0 || value > 65527) { + printf("ICMPv6 datagram size should be in range <0, 65527>.\n"); + return -1; + } + data->datalen = value; continue; } /* intentionally falls through */