Jonathan Neuschäfer d8d1e4a015 altcp: Fix NULL pointer dereference found by fuzzing
Reproducer (in bash):

base64 -d <<< "H4sIAP/9L2QCA+3WoQ2AMBSE4QoCTFHBBJfgSRF4RDfpRmgmYBpGQRBCk4ZiSfk/+fJMK+5dZRVpzSQzSs6oPierDV4y87WxLQLwE42SfNCdDyHJB9/xZwAARPbMJbUq4JJmu4JVT1cAAACfbGIqoqcMzy90eu+aBw2+N28WFgAA" | gunzip | test/fuzz/lwip_fuzz2

Crash log:

../../src/core/altcp_tcp.c:178:13: runtime error: member access within null pointer of type 'struct tcp_pcb'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../src/core/altcp_tcp.c:178:13 in
AddressSanitizer:DEADLYSIGNAL
=================================================================
==192415==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000048 (pc 0x557065081703 bp 0x0aae0cb71204 sp 0x7ffd034dabc0 T0)
==192415==The signal is caused by a READ memory access.
==192415==Hint: address points to the zero page.
    #0 0x557065081703 in altcp_tcp_setup_callbacks /.../lwip/test/fuzz/../../src/core/altcp_tcp.c:178:19
    #1 0x55706508206f in altcp_tcp_setup /.../lwip/test/fuzz/../../src/core/altcp_tcp.c:189:3
    #2 0x55706508206f in altcp_tcp_accept /.../lwip/test/fuzz/../../src/core/altcp_tcp.c:84:5
    #3 0x557065095592 in tcp_input /.../lwip/test/fuzz/../../src/core/tcp_in.c:380:9
    #4 0x5570650e752f in ip4_input /.../lwip/test/fuzz/../../src/core/ipv4/ip4.c:743:9
    #5 0x55706513d4de in ethernet_input /.../lwip/test/fuzz/../../src/netif/ethernet.c:186:9
    #6 0x557064fe0959 in input_pkt /.../lwip/test/fuzz/fuzz_common.c:209:9
    #7 0x557064fdeb6a in input_pkts /.../lwip/test/fuzz/fuzz_common.c:257:9
    #8 0x557064fdeb6a in lwip_fuzztest /.../lwip/test/fuzz/fuzz_common.c:669:3
    #9 0x7ff4f578e189 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #10 0x7ff4f578e244 in __libc_start_main csu/../csu/libc-start.c:381:3
    #11 0x557064f20420 in _start (/.../lwip/test/fuzz/lwip_fuzz2+0x81420) (BuildId: 8680a96430d5749c90111fe9c3a3d4f881a5dbcd)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /.../lwip/test/fuzz/../../src/core/altcp_tcp.c:178:19 in altcp_tcp_setup_callbacks
==192415==ABORTING
Aborted
2023-04-07 22:32:18 +02:00
.github/workflows Switch from travis to github actions for CI 2021-11-27 20:48:02 +01:00
.vscode vscode: fix debugging on windows 2022-03-25 21:29:31 +01:00
contrib contrib/ports/unix: add vdeif 2023-04-07 22:13:55 +02:00
doc doxygen: Remove obsolete config 2021-11-27 20:40:54 +01:00
src altcp: Fix NULL pointer dereference found by fuzzing 2023-04-07 22:32:18 +02:00
test test/fuzz: Use HTTPS URLs and mention AFL++ 2023-04-07 22:27:30 +02:00
.gitattributes Update gitattributes after travis removal 2021-11-28 20:56:37 +01:00
.gitignore gitignore: *.exe moved to top level 2022-05-09 21:13:38 +02:00
BUILDING some documentation fixes after merging contrib and example apps 2022-12-22 21:42:42 +01:00
CHANGELOG some documentation fixes after merging contrib and example apps 2022-12-22 21:42:42 +01:00
CMakeLists.txt List supported build types in top-level CMakeLists.txt 2018-11-26 09:26:37 +01:00
codespell_changed_files.sh codespell: change file names, add possibility to write changes 2020-02-15 21:45:22 +01:00
codespell_check.sh codespell: change file names, add possibility to write changes 2020-02-15 21:45:22 +01:00
COPYING Clean up COPYING 2020-12-05 09:48:51 +01:00
FEATURES Add ACD to several documents 2018-10-04 21:13:32 +02:00
FILES
README README: Update CI link 2021-11-27 21:09:06 +01:00
UPGRADING UPGRADING: added a note about merging contrib 2022-12-22 22:07:16 +01:00

INTRODUCTION

lwIP is a small independent implementation of the TCP/IP protocol suite.

The focus of the lwIP TCP/IP implementation is to reduce the RAM usage
while still having a full scale TCP. This makes lwIP suitable for use
in embedded systems with tens of kilobytes of free RAM and room for
around 40 kilobytes of code ROM.

lwIP was originally developed by Adam Dunkels at the Computer and Networks
Architectures (CNA) lab at the Swedish Institute of Computer Science (SICS)
and is now developed and maintained by a worldwide network of developers.

FEATURES

  * IP (Internet Protocol, IPv4 and IPv6) including packet forwarding over
    multiple network interfaces
  * ICMP (Internet Control Message Protocol) for network maintenance and debugging
  * IGMP (Internet Group Management Protocol) for multicast traffic management
  * MLD (Multicast listener discovery for IPv6). Aims to be compliant with
    RFC 2710. No support for MLDv2
  * ND (Neighbor discovery and stateless address autoconfiguration for IPv6).
    Aims to be compliant with RFC 4861 (Neighbor discovery) and RFC 4862
    (Address autoconfiguration)
  * DHCP, AutoIP/APIPA (Zeroconf), ACD (Address Conflict Detection)
    and (stateless) DHCPv6
  * UDP (User Datagram Protocol) including experimental UDP-lite extensions
  * TCP (Transmission Control Protocol) with congestion control, RTT estimation,
    fast recovery/fast retransmit and sending SACKs
  * raw/native API for enhanced performance
  * Optional Berkeley-like socket API
  * TLS: optional layered TCP ("altcp") for nearly transparent TLS for any
    TCP-based protocol (ported to mbedTLS) (see changelog for more info)
  * PPPoS and PPPoE (Point-to-point protocol over Serial/Ethernet)
  * DNS (Domain name resolver incl. mDNS)
  * 6LoWPAN (via IEEE 802.15.4, BLE or ZEP)


APPLICATIONS

  * HTTP server with SSI and CGI (HTTPS via altcp)
  * SNMPv2c agent with MIB compiler (Simple Network Management Protocol), v3 via altcp
  * SNTP (Simple network time protocol)
  * NetBIOS name service responder
  * MDNS (Multicast DNS) responder
  * iPerf server implementation
  * MQTT client (TLS support via altcp)


LICENSE

lwIP is freely available under a BSD license.


DEVELOPMENT

lwIP has grown into an excellent TCP/IP stack for embedded devices,
and developers using the stack often submit bug fixes, improvements,
and additions to the stack to further increase its usefulness.

Development of lwIP is hosted on Savannah, a central point for
software development, maintenance and distribution. Everyone can
help improve lwIP by use of Savannah's interface, Git and the
mailing list. A core team of developers will commit changes to the
Git source tree.

The lwIP TCP/IP stack is maintained in the 'src' directory and
contributions (such as platform ports and applications) are in
the 'contrib' directory.

See doc/savannah.txt for details on Git server access for users and
developers.

The current Git tree is web-browsable:
  https://git.savannah.gnu.org/cgit/lwip.git

Submit patches and bugs via the lwIP project page:
  https://savannah.nongnu.org/projects/lwip/

Continuous integration builds (GCC, clang):
  https://github.com/lwip-tcpip/lwip/actions


DOCUMENTATION

Self documentation of the source code is regularly extracted from the current
Git sources and is available from this web page:
  https://www.nongnu.org/lwip/

Also, there are mailing lists you can subscribe to at
  https://savannah.nongnu.org/mail/?group=lwip
plus searchable archives:
  https://lists.nongnu.org/archive/html/lwip-users/
  https://lists.nongnu.org/archive/html/lwip-devel/

There is a wiki about lwIP at
  https://lwip.wikia.com/wiki/LwIP_Wiki
You might get questions answered there, but unfortunately, it is not as
well maintained as it should be.

lwIP was originally written by Adam Dunkels:
  http://dunkels.com/adam/

Reading Adam's papers and the files in doc/, browsing the source code
documentation and browsing the mailing list archives are good ways to
become familiar with the design of lwIP.

Adam Dunkels <adam@sics.se>
Leon Woestenberg <leon.woestenberg@gmx.net>