net-snmp/net-snmp-5.4.2_audit.patch

Index: agent/mibgroup/examples/ucdDemoPublic.c
===================================================================
--- agent/mibgroup/examples/ucdDemoPublic.c.orig
+++ agent/mibgroup/examples/ucdDemoPublic.c
@@ -222,7 +222,11 @@ write_ucdDemoPublicString(int action,
     }
     if (action == COMMIT) {
         if (var_val_len != 0) {
-            strcpy(publicString, var_val);
+            strncpy(publicString, var_val, sizeof(publicString)-1);
+            /* XXX thomas: just some sanity checks */
+            if(strlen(var_val) > sizeof(publicString)-1 || strlen(var_val) != var_val_len)
+                publicString[sizeof(publicString)-1] = '\0';
+            else
             publicString[var_val_len] = '\0';
         } else
             publicString[0] = '\0';
Index: agent/mibgroup/util_funcs.c
===================================================================
--- agent/mibgroup/util_funcs.c.orig
+++ agent/mibgroup/util_funcs.c
@@ -142,6 +142,10 @@ make_tempfile(void)
     }
 #endif
     if (fd >= 0) {
+        if(fchmod(fd, 0600) != 0) {
+            close(fd);
+            return NULL;
+        }
         close(fd);
         DEBUGMSGTL(("make_tempfile", "temp file created: %s\n", name));
         return name;
Index: agent/auto_nlist.c
===================================================================
--- agent/auto_nlist.c.orig
+++ agent/auto_nlist.c
@@ -64,6 +64,7 @@ auto_nlist_value(const char *string)
         it->nl[0].n_name = (char *) malloc(strlen(string) + 2);
 #if defined(aix4) || defined(aix5) || defined(aix6)
         strcpy(it->nl[0].n_name, string);
+        it->nl[0].n_name[strlen(string)+1] = '\0';
 #else
         sprintf(it->nl[0].n_name, "_%s", string);
 #endif
@@ -72,6 +73,7 @@ auto_nlist_value(const char *string)
 #if !(defined(aix4) || defined(aix5) || defined(aix6)) 
         if (it->nl[0].n_type == 0) {
             strcpy(it->nl[0].n_name, string);
+            it->nl[0].n_name[strlen(string)+1] = '\0';
             init_nlist(it->nl);
         }
 #endif
Index: apps/snmptest.c
===================================================================
--- apps/snmptest.c.orig
+++ apps/snmptest.c
@@ -456,6 +456,7 @@ input_variable(netsnmp_variable_list * v
                     goto getValue;
                 }
                 memcpy(vp->val.string, buf, strlen(buf) - 1);
+                vp->val.string[sizeof(vp->val.string)-1] = 0;
                 vp->val_len = strlen(buf) - 1;
             } else if (ch == 'x') {
                 size_t          buf_len = 256;
Index: snmplib/parse.c
===================================================================
--- snmplib/parse.c.orig
+++ snmplib/parse.c
@@ -4231,7 +4231,7 @@ parse(FILE * fp, struct node *root)
     extern void     xmalloc_stats(FILE *);
 #endif
     char            token[MAXTOKEN];
-    char            name[MAXTOKEN];
+    char            name[MAXTOKEN+1];
     int             type = LABEL;
     int             lasttype = LABEL;
 
@@ -4323,7 +4323,8 @@ parse(FILE * fp, struct node *root)
         case ENDOFFILE:
             continue;
         default:
-            strcpy(name, token);
+            strncpy(name, token, sizeof(name));
+            name[sizeof(name)-1] = '\0';
             type = get_token(fp, token, MAXTOKEN);
             nnp = NULL;
             if (type == MACRO) {
@@ -4340,7 +4341,8 @@ parse(FILE * fp, struct node *root)
                 print_error(name, "is a reserved word", lasttype);
             continue;           /* see if we can parse the rest of the file */
         }
-        strcpy(name, token);
+        strncpy(name, token, sizeof(name));
+        name[sizeof(name)-1] = '\0';
         type = get_token(fp, token, MAXTOKEN);
         nnp = NULL;
 
Index: snmplib/tools.c
===================================================================
--- snmplib/tools.c.orig
+++ snmplib/tools.c
@@ -696,7 +696,7 @@ dump_snmpEngineID(const u_char * estring
         /*
          * s += snprintf(s, remaining_len+3, "\"%s\"", esp); 
          */
-        s += sprintf(s, "\"%s\"", esp);
+        s += sprintf(s, "\"%.*s\"", sizeof(buf)-strlen(buf)-3, esp);
         goto dump_snmpEngineID_quit;
         break;
      /*NOTREACHED*/ case 5:    /* Octets. */
Index: testing/TESTCONF.sh
===================================================================
--- testing/TESTCONF.sh.orig
+++ testing/TESTCONF.sh
@@ -77,8 +77,8 @@ if [ "x$SNMP_TMPDIR" = "x" -a "x$SNMP_HE
     fi
     SNMP_TMP_PERSISTENTDIR=$SNMP_TMPDIR/persist
     export SNMP_TMP_PERSISTENTDIR
-    mkdir $SNMP_TMPDIR
-    mkdir $SNMP_TMP_PERSISTENTDIR
+    mkdir -m 0700 $SNMP_TMPDIR
+    mkdir -m 0700 $SNMP_TMP_PERSISTENTDIR
 fi
 
 if [ "x$SNMP_SAVE_TMPDIR" = "x" ]; then
Index: testing/eval_suite.sh
===================================================================
--- testing/eval_suite.sh.orig
+++ testing/eval_suite.sh
@@ -79,7 +79,11 @@ exit 0
 PROGRAM=
 ARGUMENTS="$*"
 
-TMPFILE=/tmp/eval_suite.sh$$
+umask 0077     # just to be on the save side
+TMPDIR=/tmp/ucd-snmpd-eval-dir.$$
+/bin/rm -rf $TMPDIR
+/bin/mkdir -m 0700 $TMPDIR || exit -1
+TMPFILE=$TMPDIR/eval_suite.sh$$
 
 TESTLISTFILE=eval_testlist
 
@@ -205,6 +209,7 @@ done  # endwhile
 # Cleanup, exit.
 #
 rm -f $TMPFILE
+rm -rf $TMPDIR
 
 exit $TESTFAILURE
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`Index: agent/mibgroup/examples/ucdDemoPublic.c`
			`===================================================================`
Accepting request 29044 from home:hennevogel:TODO Copy from home:hennevogel:TODO/net-snmp based on submit request 29044 from user coolo OBS-URL: https://build.opensuse.org/request/show/29044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=23 2010-01-21 11:28:30 +01:00			`--- agent/mibgroup/examples/ucdDemoPublic.c.orig`
			`+++ agent/mibgroup/examples/ucdDemoPublic.c`
			`@@ -222,7 +222,11 @@ write_ucdDemoPublicString(int action,`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`}`
			`if (action == COMMIT) {`
			`if (var_val_len != 0) {`
			`- strcpy(publicString, var_val);`
			`+ strncpy(publicString, var_val, sizeof(publicString)-1);`
			`+ /* XXX thomas: just some sanity checks */`
			`+ if(strlen(var_val) > sizeof(publicString)-1 \|\| strlen(var_val) != var_val_len)`
			`+ publicString[sizeof(publicString)-1] = '\0';`
			`+ else`
			`publicString[var_val_len] = '\0';`
			`} else`
			`publicString[0] = '\0';`
			`Index: agent/mibgroup/util_funcs.c`
			`===================================================================`
Accepting request 29044 from home:hennevogel:TODO Copy from home:hennevogel:TODO/net-snmp based on submit request 29044 from user coolo OBS-URL: https://build.opensuse.org/request/show/29044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=23 2010-01-21 11:28:30 +01:00			`--- agent/mibgroup/util_funcs.c.orig`
			`+++ agent/mibgroup/util_funcs.c`
			`@@ -142,6 +142,10 @@ make_tempfile(void)`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`}`
			`#endif`
			`if (fd >= 0) {`
			`+ if(fchmod(fd, 0600) != 0) {`
			`+ close(fd);`
			`+ return NULL;`
			`+ }`
			`close(fd);`
			`DEBUGMSGTL(("make_tempfile", "temp file created: %s\n", name));`
			`return name;`
			`Index: agent/auto_nlist.c`
			`===================================================================`
Accepting request 29044 from home:hennevogel:TODO Copy from home:hennevogel:TODO/net-snmp based on submit request 29044 from user coolo OBS-URL: https://build.opensuse.org/request/show/29044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=23 2010-01-21 11:28:30 +01:00			`--- agent/auto_nlist.c.orig`
			`+++ agent/auto_nlist.c`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`@@ -64,6 +64,7 @@ auto_nlist_value(const char *string)`
			`it->nl[0].n_name = (char *) malloc(strlen(string) + 2);`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=12 2008-10-24 22:48:33 +02:00			`#if defined(aix4) \|\| defined(aix5) \|\| defined(aix6)`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`strcpy(it->nl[0].n_name, string);`
			`+ it->nl[0].n_name[strlen(string)+1] = '\0';`
			`#else`
			`sprintf(it->nl[0].n_name, "_%s", string);`
			`#endif`
			`@@ -72,6 +73,7 @@ auto_nlist_value(const char *string)`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=12 2008-10-24 22:48:33 +02:00			`#if !(defined(aix4) \|\| defined(aix5) \|\| defined(aix6))`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`if (it->nl[0].n_type == 0) {`
			`strcpy(it->nl[0].n_name, string);`
			`+ it->nl[0].n_name[strlen(string)+1] = '\0';`
			`init_nlist(it->nl);`
			`}`
			`#endif`
			`Index: apps/snmptest.c`
			`===================================================================`
Accepting request 29044 from home:hennevogel:TODO Copy from home:hennevogel:TODO/net-snmp based on submit request 29044 from user coolo OBS-URL: https://build.opensuse.org/request/show/29044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=23 2010-01-21 11:28:30 +01:00			`--- apps/snmptest.c.orig`
			`+++ apps/snmptest.c`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`@@ -456,6 +456,7 @@ input_variable(netsnmp_variable_list * v`
			`goto getValue;`
			`}`
			`memcpy(vp->val.string, buf, strlen(buf) - 1);`
			`+ vp->val.string[sizeof(vp->val.string)-1] = 0;`
			`vp->val_len = strlen(buf) - 1;`
			`} else if (ch == 'x') {`
			`size_t buf_len = 256;`
			`Index: snmplib/parse.c`
			`===================================================================`
Accepting request 29044 from home:hennevogel:TODO Copy from home:hennevogel:TODO/net-snmp based on submit request 29044 from user coolo OBS-URL: https://build.opensuse.org/request/show/29044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=23 2010-01-21 11:28:30 +01:00			`--- snmplib/parse.c.orig`
			`+++ snmplib/parse.c`
			`@@ -4231,7 +4231,7 @@ parse(FILE * fp, struct node *root)`
			`extern void xmalloc_stats(FILE *);`
			`#endif`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`char token[MAXTOKEN];`
			`- char name[MAXTOKEN];`
			`+ char name[MAXTOKEN+1];`
			`int type = LABEL;`
			`int lasttype = LABEL;`

Accepting request 29044 from home:hennevogel:TODO Copy from home:hennevogel:TODO/net-snmp based on submit request 29044 from user coolo OBS-URL: https://build.opensuse.org/request/show/29044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=23 2010-01-21 11:28:30 +01:00			`@@ -4323,7 +4323,8 @@ parse(FILE * fp, struct node *root)`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`case ENDOFFILE:`
			`continue;`
			`default:`
			`- strcpy(name, token);`
			`+ strncpy(name, token, sizeof(name));`
			`+ name[sizeof(name)-1] = '\0';`
			`type = get_token(fp, token, MAXTOKEN);`
			`nnp = NULL;`
			`if (type == MACRO) {`
Accepting request 29044 from home:hennevogel:TODO Copy from home:hennevogel:TODO/net-snmp based on submit request 29044 from user coolo OBS-URL: https://build.opensuse.org/request/show/29044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=23 2010-01-21 11:28:30 +01:00			`@@ -4340,7 +4341,8 @@ parse(FILE * fp, struct node *root)`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`print_error(name, "is a reserved word", lasttype);`
			`continue; /* see if we can parse the rest of the file */`
			`}`
			`- strcpy(name, token);`
			`+ strncpy(name, token, sizeof(name));`
			`+ name[sizeof(name)-1] = '\0';`
			`type = get_token(fp, token, MAXTOKEN);`
			`nnp = NULL;`

			`Index: snmplib/tools.c`
			`===================================================================`
Accepting request 29044 from home:hennevogel:TODO Copy from home:hennevogel:TODO/net-snmp based on submit request 29044 from user coolo OBS-URL: https://build.opensuse.org/request/show/29044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=23 2010-01-21 11:28:30 +01:00			`--- snmplib/tools.c.orig`
			`+++ snmplib/tools.c`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=12 2008-10-24 22:48:33 +02:00			`@@ -696,7 +696,7 @@ dump_snmpEngineID(const u_char * estring`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`/*`
			`* s += snprintf(s, remaining_len+3, "\"%s\"", esp);`
			`*/`
			`- s += sprintf(s, "\"%s\"", esp);`
			`+ s += sprintf(s, "\"%.*s\"", sizeof(buf)-strlen(buf)-3, esp);`
			`goto dump_snmpEngineID_quit;`
			`break;`
			`/NOTREACHED/ case 5: /* Octets. */`
			`Index: testing/TESTCONF.sh`
			`===================================================================`
Accepting request 29044 from home:hennevogel:TODO Copy from home:hennevogel:TODO/net-snmp based on submit request 29044 from user coolo OBS-URL: https://build.opensuse.org/request/show/29044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=23 2010-01-21 11:28:30 +01:00			`--- testing/TESTCONF.sh.orig`
			`+++ testing/TESTCONF.sh`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`@@ -77,8 +77,8 @@ if [ "x$SNMP_TMPDIR" = "x" -a "x$SNMP_HE`
			`fi`
			`SNMP_TMP_PERSISTENTDIR=$SNMP_TMPDIR/persist`
			`export SNMP_TMP_PERSISTENTDIR`
			`- mkdir $SNMP_TMPDIR`
			`- mkdir $SNMP_TMP_PERSISTENTDIR`
			`+ mkdir -m 0700 $SNMP_TMPDIR`
			`+ mkdir -m 0700 $SNMP_TMP_PERSISTENTDIR`
			`fi`

			`if [ "x$SNMP_SAVE_TMPDIR" = "x" ]; then`
			`Index: testing/eval_suite.sh`
			`===================================================================`
Accepting request 29044 from home:hennevogel:TODO Copy from home:hennevogel:TODO/net-snmp based on submit request 29044 from user coolo OBS-URL: https://build.opensuse.org/request/show/29044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=23 2010-01-21 11:28:30 +01:00			`--- testing/eval_suite.sh.orig`
			`+++ testing/eval_suite.sh`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=1 2007-01-16 00:26:37 +01:00			`@@ -79,7 +79,11 @@ exit 0`
			`PROGRAM=`
			`ARGUMENTS="$*"`

			`-TMPFILE=/tmp/eval_suite.sh$$`
			`+umask 0077 # just to be on the save side`
			`+TMPDIR=/tmp/ucd-snmpd-eval-dir.$$`
			`+/bin/rm -rf $TMPDIR`
			`+/bin/mkdir -m 0700 $TMPDIR \|\| exit -1`
			`+TMPFILE=$TMPDIR/eval_suite.sh$$`

			`TESTLISTFILE=eval_testlist`

			`@@ -205,6 +209,7 @@ done # endwhile`
			`# Cleanup, exit.`
			`#`
			`rm -f $TMPFILE`
			`+rm -rf $TMPDIR`

			`exit $TESTFAILURE`