mirror of
https://github.com/RIOT-OS/RIOT.git
synced 2025-12-18 11:03:50 +01:00
498e531e2f
As far as I can tell, no DHCPv6 RFC specifies this option. The handling for the zero option was added in #17736 by @benpicco to fix issues encountered while trying to retrieve a DHCHPv6 lease. However, I strongly suspect that the zero option was encountered in this case due to an out-of-bounds read performed in RIOT's DHCPv6 client implementation (i.e. the option parsing loop read beyond the packet bounds). This issue was fixed in #18307 and I strongly suspect that it should also fix the issue @benpicco originally encountered in #17736. As such, I propose that we remove the if statement which treats the zero option as an end-of-payload marker. Fixes #18309