pool/net-snmp
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 120977 from net-snmp:factory

Browse Source 
Add fix for bnc#759352 (CVE-2012-2141).

OBS-URL: https://build.opensuse.org/request/show/120977
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=57
This commit is contained in:
Stephan Kulow 2012-05-16 10:26:12 +00:00 committed by Git OBS Bridge
parent 828e6a6e1e
commit 3e080be02f
3 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
net-snmp-5.7.1-fix-array-index-error.patch Normal file
View File

@ -0,0 +1,30 @@
commit 4c5633f1603e4bd03ed05c37d782ec8911759c47
Author: Robert Story <rstory@freesnmp.com>
Date: Mon May 14 11:40:06 2012 -0400
NEWS: snmp: BUG: 3526549: CVE-2012-2141 Array index error leading to crash
Index: net-snmp-5.7.1/agent/mibgroup/agent/extend.c
===================================================================
--- net-snmp-5.7.1.orig/agent/mibgroup/agent/extend.c
+++ net-snmp-5.7.1/agent/mibgroup/agent/extend.c
@@ -1209,7 +1209,7 @@ _extend_find_entry( netsnmp_request_info
* ...and check the line requested is valid
*/
line_idx = *table_info->indexes->next_variable->val.integer;
- if (eptr->numlines < line_idx)
+ if (line_idx < 1 || line_idx > eptr->numlines)
return NULL;
}
}
@@ -1380,6 +1380,10 @@ handle_nsExtendOutput2Table(netsnmp_mib_
* Determine which line we've been asked for....
*/
line_idx = *table_info->indexes->next_variable->val.integer;
+ if (line_idx < 1 || line_idx > extension->numlines) {
+ netsnmp_set_request_error(reqinfo, request, SNMP_NOSUCHINSTANCE);
+ continue;
+ }
cp = extension->lines[line_idx-1];
/*

6
net-snmp.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Mon May 14 17:39:17 UTC 2012 - lchiquitto@suse.com
- fix array index error that could lead to a crash (CVE-2012-2141)
(bnc#759352)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Mar 29 22:14:55 UTC 2012 - lchiquitto@suse.com Thu Mar 29 22:14:55 UTC 2012 - lchiquitto@suse.com

2
net-snmp.spec
View File

@ -76,6 +76,7 @@ Patch20: net-snmp-5.7.1-log-agentx-disconnections.patch
Patch21: net-snmp-5.7.1-more-robust-handling-of-agentx-errors.patch Patch21: net-snmp-5.7.1-more-robust-handling-of-agentx-errors.patch
Patch22: net-snmp-5.7.1-report-problems-with-setundo-processing.patch Patch22: net-snmp-5.7.1-report-problems-with-setundo-processing.patch
Patch23: net-snmp-5.7.1-fix-snmpd-crashing-when-an-agentx-disconnects.patch Patch23: net-snmp-5.7.1-fix-snmpd-crashing-when-an-agentx-disconnects.patch
Patch24: net-snmp-5.7.1-fix-array-index-error.patch
# #
Summary: SNMP Daemon Summary: SNMP Daemon
License: BSD-3-Clause ; MIT License: BSD-3-Clause ; MIT
@ -237,6 +238,7 @@ Authors:
%patch21 -p1 %patch21 -p1
%patch22 -p1 %patch22 -p1
%patch23 -p1 %patch23 -p1
%patch24 -p1
%build %build
MIBS="misc/ipfwacc ucd-snmp/diskio etherlike-mib rmon-mib velocity smux \ MIBS="misc/ipfwacc ucd-snmp/diskio etherlike-mib rmon-mib velocity smux \