From 2137f49d32c36bf39eb57d32ea23135706003204 Mon Sep 17 00:00:00 2001
From: Dirk Ziegelmeier
Date: Tue, 30 Aug 2016 21:20:58 +0200
Subject: [PATCH] Fix usage of uninitialized data in nd6.c because of unchecked pbuf_copy_partial() return value
---
 src/core/ipv6/nd6.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/core/ipv6/nd6.c b/src/core/ipv6/nd6.c
index ec29a9bb..ff26d095 100644
--- a/src/core/ipv6/nd6.c
+++ b/src/core/ipv6/nd6.c
@@ -447,7 +447,12 @@ nd6_input(struct pbuf *p, struct netif *inp)
 buffer = &((u8_t*)p->payload)[offset];
 } else {
 buffer = nd6_ra_buffer;
- pbuf_copy_partial(p, buffer, sizeof(struct prefix_option), offset);
+ if (pbuf_copy_partial(p, buffer, sizeof(struct prefix_option), offset) != sizeof(struct prefix_option)) {
+ pbuf_free(p);
+ ND6_STATS_INC(nd6.lenerr);
+ ND6_STATS_INC(nd6.drop);
+ return;
+ }
 }
 if (buffer[1] == 0) {
 /* zero-length extension. drop packet */
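Review bot: The new check in the `else` branch demands a full `sizeof(struct prefix_option)` bytes at `offset` whatever option is actually there, so a shorter option at the tail of the packet (an MTU option is 8 octets) makes `pbuf_copy_partial()` return less and the whole advertisement is dropped as `lenerr`. That closes the stale-buffer read, but if this branch is taken whenever fewer than that many bytes remain in the current pbuf (the condition is outside the hunk), it may also reject valid packets. Consider reading the type and length octets first and then copying only what the option declares, capped at the scratch buffer, as sketched below. `nd6_input` starts and ends outside the hunk, and the sketch assumes `nd6_ra_buffer` is an array so that `sizeof` gives its capacity.

```c
    } else {
      u16_t copy_len;
      buffer = nd6_ra_buffer;
      /* Type and length octets first; the length field counts units of 8 octets. */
      if (pbuf_copy_partial(p, buffer, 2, offset) != 2) {
        /* … unchanged: pbuf_free(p), lenerr and drop counters, return … */
      }
      /* Copy no more than the option declares and no more than the scratch buffer holds.
       * A zero length copies nothing further and is rejected by the check after this block. */
      copy_len = (u16_t)LWIP_MIN((size_t)buffer[1] << 3, sizeof(nd6_ra_buffer));
      if (pbuf_copy_partial(p, buffer, copy_len, offset) != copy_len) {
        /* … unchanged: pbuf_free(p), lenerr and drop counters, return … */
      }
```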