From 7bacfaa497f6cb438bc159ea880094edc3914b0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20=C5=98=C3=ADdk=C3=BD?= Date: Mon, 4 Mar 2024 11:17:29 +0100 Subject: [PATCH] Resolves: RHEL-14454 - fix crash when configured as proxy - issue 82 --- net-snmp-5.8-proxy.patch | 46 ++++++++++++++++++++++++++++++++++++++++ net-snmp.spec | 7 +++++- 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 net-snmp-5.8-proxy.patch diff --git a/net-snmp-5.8-proxy.patch b/net-snmp-5.8-proxy.patch new file mode 100644 index 0000000..3e80acd --- /dev/null +++ b/net-snmp-5.8-proxy.patch @@ -0,0 +1,46 @@ +From b67afb81eb0f7ad89496cd3e672654bfd8c55d0e Mon Sep 17 00:00:00 2001 +From: Bart Van Assche +Date: Sat, 21 Mar 2020 20:03:13 -0700 +Subject: [PATCH] snmpd: UCD-SNMP proxy: Fix a crash triggered by a wrong + passphrase + +See also https://github.com/net-snmp/net-snmp/issues/82 . +--- + agent/mibgroup/ucd-snmp/proxy.c | 9 --------- + 1 file changed, 9 deletions(-) + +diff --git a/agent/mibgroup/ucd-snmp/proxy.c b/agent/mibgroup/ucd-snmp/proxy.c +index f4eb03ef6f..548ae7588f 100644 +--- a/agent/mibgroup/ucd-snmp/proxy.c ++++ b/agent/mibgroup/ucd-snmp/proxy.c +@@ -698,8 +698,6 @@ proxy_got_response(int operation, netsnmp_session * sess, int reqid, + "proxy OID return length too long.\n"); + netsnmp_set_request_error(cache->reqinfo, requests, + SNMP_ERR_GENERR); +- if (pdu) +- snmp_free_pdu(pdu); + netsnmp_free_delegated_cache(cache); + return 1; + } +@@ -723,8 +721,6 @@ proxy_got_response(int operation, netsnmp_session * sess, int reqid, + * ack, this is bad. The # of varbinds don't match and + * there is no way to fix the problem + */ +- if (pdu) +- snmp_free_pdu(pdu); + snmp_log(LOG_ERR, + "response to proxy request illegal. We're screwed.\n"); + netsnmp_set_request_error(cache->reqinfo, requests, +@@ -735,11 +731,6 @@ proxy_got_response(int operation, netsnmp_session * sess, int reqid, + if (cache->reqinfo->mode == MODE_GETBULK) + netsnmp_bulk_to_next_fix_requests(requests); + +- /* +- * free the response +- */ +- if (pdu && 0) +- snmp_free_pdu(pdu); + break; + + default: + diff --git a/net-snmp.spec b/net-snmp.spec index b5806c1..87c7678 100644 --- a/net-snmp.spec +++ b/net-snmp.spec @@ -10,7 +10,7 @@ Summary: A collection of SNMP protocol tools and libraries Name: net-snmp Version: 5.8 -Release: 29%{?dist} +Release: 30%{?dist} Epoch: 1 License: BSD @@ -78,6 +78,7 @@ Patch49: net-snmp-5.8-ipv6-disable-leak.patch Patch50: net-snmp-5.8-proxy-time-out.patch Patch51: net-snmp-5.8-sendmsg-error-code.patch Patch52: net-snmp-5.8-memavailable.patch +Patch53: net-snmp-5.8-proxy.patch # Modern RPM API means at least EL6 Patch101: net-snmp-5.8-modern-rpm-api.patch @@ -255,6 +256,7 @@ rm -r python %patch50 -p1 -b .proxy-time-out %patch51 -p1 -b .sendmsg-error-code %patch52 -p1 -b .memavailable +%patch53 -p1 -b .proxy %patch101 -p1 -b .modern-rpm-api @@ -509,6 +511,9 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test %{_libdir}/libnetsnmptrapd*.so.%{soname}* %changelog +* Mon Mar 04 2024 Josef Ridky - 1:5.8-30 +- fix crash when configured as proxy - issue 82 (RHEL-14454) + * Tue Jan 23 2024 Josef Ridky - 1:5.8-29 - backport MemAvailable report from upstream (RHEL-21780)