From c88838f391539f9a0366cd85b1fdc54f62fda8d5 Mon Sep 17 00:00:00 2001
From: Gunar Schorcht <gunar@schorcht.net>
Date: Fri, 25 Jan 2019 17:09:53 +0100
Subject: [PATCH] gnrc_icmpv6_echo: avoid crashing when pktbuf full

Once the packet buffer is full on heavy network load, gnrc_netif_hdr_build may return NULL. In that case, the following unchecked access to hdr->data leads to a crash.
---
 sys/net/gnrc/network_layer/icmpv6/echo/gnrc_icmpv6_echo.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sys/net/gnrc/network_layer/icmpv6/echo/gnrc_icmpv6_echo.c b/sys/net/gnrc/network_layer/icmpv6/echo/gnrc_icmpv6_echo.c
index 39eea8a97d84..a48ac04f37df 100644
--- a/sys/net/gnrc/network_layer/icmpv6/echo/gnrc_icmpv6_echo.c
+++ b/sys/net/gnrc/network_layer/icmpv6/echo/gnrc_icmpv6_echo.c
@@ -93,6 +93,12 @@ void gnrc_icmpv6_echo_req_handle(gnrc_netif_t *netif, ipv6_hdr_t *ipv6_hdr,
     pkt = hdr;
     hdr = gnrc_netif_hdr_build(NULL, 0, NULL, 0);
 
+    if (hdr == NULL) {
+        DEBUG("icmpv6_echo: no space left in packet buffer\n");
+        gnrc_pktbuf_release(pkt);
+        return;
+    }
+
     if (netif != NULL) {
         ((gnrc_netif_hdr_t *)hdr->data)->if_pid = netif->pid;
     }