From 6d1a3caa26e4784810371f64496f56348261e4c6 Mon Sep 17 00:00:00 2001
From: Martine Lenders <m.lenders@fu-berlin.de>
Date: Thu, 8 Nov 2018 14:24:41 +0100
Subject: [PATCH 1/2] gnrc_ipv6_nib: fix NULL pointer dereference

---
 sys/net/gnrc/network_layer/ipv6/nib/nib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/net/gnrc/network_layer/ipv6/nib/nib.c b/sys/net/gnrc/network_layer/ipv6/nib/nib.c
index 0ae1915821b0..f6b6b6ee4ebc 100644
--- a/sys/net/gnrc/network_layer/ipv6/nib/nib.c
+++ b/sys/net/gnrc/network_layer/ipv6/nib/nib.c
@@ -240,7 +240,7 @@ int gnrc_ipv6_nib_get_next_hop_l2addr(const ipv6_addr_t *dst,
                 gnrc_netif_acquire(netif);
             }
             node = _nib_onl_get(&route.next_hop,
-                                (netif == NULL) ? netif->pid : 0);
+                                (netif != NULL) ? netif->pid : 0);
             if (_resolve_addr(&route.next_hop, netif, pkt, nce, node)) {
                 _call_route_info_cb(netif,
                                     GNRC_IPV6_NIB_ROUTE_INFO_TYPE_RN,

From 94549d136b5c0dbe4c73068b55540e7c09d6f5d9 Mon Sep 17 00:00:00 2001
From: Martine Lenders <m.lenders@fu-berlin.de>
Date: Thu, 8 Nov 2018 14:49:29 +0100
Subject: [PATCH 2/2] gnrc_ipv6_nib_pl: return early if PL entry wasn't
 allocated

---
 sys/net/gnrc/network_layer/ipv6/nib/nib_pl.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/sys/net/gnrc/network_layer/ipv6/nib/nib_pl.c b/sys/net/gnrc/network_layer/ipv6/nib/nib_pl.c
index 8645cc2bd883..67d028aa52a8 100644
--- a/sys/net/gnrc/network_layer/ipv6/nib/nib_pl.c
+++ b/sys/net/gnrc/network_layer/ipv6/nib/nib_pl.c
@@ -29,7 +29,6 @@ int gnrc_ipv6_nib_pl_set(unsigned iface,
                          const ipv6_addr_t *pfx, unsigned pfx_len,
                          uint32_t valid_ltime, uint32_t pref_ltime)
 {
-    int res = 0;
     _nib_offl_entry_t *dst;
     ipv6_addr_t tmp = IPV6_ADDR_UNSPECIFIED;
 
@@ -47,7 +46,8 @@ int gnrc_ipv6_nib_pl_set(unsigned iface,
     dst = _nib_pl_add(iface, pfx, pfx_len, valid_ltime,
                       pref_ltime);
     if (dst == NULL) {
-        res = -ENOMEM;
+        mutex_unlock(&_nib_mutex);
+        return -ENOMEM;
     }
 #ifdef MODULE_GNRC_NETIF
     gnrc_netif_t *netif = gnrc_netif_get_by_pid(iface);
@@ -55,7 +55,7 @@ int gnrc_ipv6_nib_pl_set(unsigned iface,
 
     if (netif == NULL) {
         mutex_unlock(&_nib_mutex);
-        return res;
+        return 0;
     }
     gnrc_netif_acquire(netif);
     if (!gnrc_netif_is_6ln(netif) &&
@@ -83,7 +83,7 @@ int gnrc_ipv6_nib_pl_set(unsigned iface,
     /* update prefixes down-stream */
     _handle_snd_mc_ra(netif);
 #endif
-    return res;
+    return 0;
 }
 
 void gnrc_ipv6_nib_pl_del(unsigned iface,