From f9680e5821154397099b95a8e1c7802f1873148d Mon Sep 17 00:00:00 2001 From: Jan Safranek Date: Fri, 26 Jun 2015 14:09:33 +0200 Subject: [PATCH] Fixed snmpstatus crashing when receiving invalid response Resolves: #1233738 --- net-snmp-5.7.3-snmpstatus-null.patch | 69 ++++++++++++++++++++++++++++ net-snmp.spec | 7 ++- 2 files changed, 75 insertions(+), 1 deletion(-) create mode 100644 net-snmp-5.7.3-snmpstatus-null.patch diff --git a/net-snmp-5.7.3-snmpstatus-null.patch b/net-snmp-5.7.3-snmpstatus-null.patch new file mode 100644 index 0000000..7f5de20 --- /dev/null +++ b/net-snmp-5.7.3-snmpstatus-null.patch @@ -0,0 +1,69 @@ +commit bec6243394ed78897c14e3fa46f934e0ea3d453e +Author: Jan Safranek +Date: Fri Jun 26 13:30:07 2015 +0200 + + snmpstatus: CHANGES: Fixed crash when receiving non-standard compliant responses. + + Some HW sends ifOperStatus as NULL instead of INTEGER type. We should not try to dereference this NULL. + +diff --git a/apps/snmpstatus.c b/apps/snmpstatus.c +index ae08369..6f31c42 100644 +--- a/apps/snmpstatus.c ++++ b/apps/snmpstatus.c +@@ -310,30 +310,38 @@ main(int argc, char *argv[]) + continue; + } + if (vars->name_length >= length_ifOperStatus +- && !memcmp(objid_ifOperStatus, vars->name, +- sizeof(objid_ifOperStatus))) { ++ && !memcmp(objid_ifOperStatus, vars->name, ++ sizeof(objid_ifOperStatus)) ++ && vars->type == ASN_INTEGER ++ && vars->val.integer) { + if (*vars->val.integer != MIB_IFSTATUS_UP) + down_interfaces++; + snmp_add_null_var(pdu, vars->name, + vars->name_length); + good_var++; +- } else if (vars->name_length >= length_ifInUCastPkts && +- !memcmp(objid_ifInUCastPkts, vars->name, +- sizeof(objid_ifInUCastPkts))) { ++ } else if (vars->name_length >= length_ifInUCastPkts ++ &&!memcmp(objid_ifInUCastPkts, vars->name, ++ sizeof(objid_ifInUCastPkts)) ++ && vars->type == ASN_COUNTER ++ && vars->val.integer) { + ipackets += *vars->val.integer; + snmp_add_null_var(pdu, vars->name, + vars->name_length); + good_var++; + } else if (vars->name_length >= length_ifInNUCastPkts + && !memcmp(objid_ifInNUCastPkts, vars->name, +- sizeof(objid_ifInNUCastPkts))) { ++ sizeof(objid_ifInNUCastPkts)) ++ && vars->type == ASN_COUNTER ++ && vars->val.integer) { + ipackets += *vars->val.integer; + snmp_add_null_var(pdu, vars->name, + vars->name_length); + good_var++; + } else if (vars->name_length >= length_ifOutUCastPkts + && !memcmp(objid_ifOutUCastPkts, vars->name, +- sizeof(objid_ifOutUCastPkts))) { ++ sizeof(objid_ifOutUCastPkts)) ++ && vars->type == ASN_COUNTER ++ && vars->val.integer) { + opackets += *vars->val.integer; + snmp_add_null_var(pdu, vars->name, + vars->name_length); +@@ -341,7 +349,9 @@ main(int argc, char *argv[]) + } else if (vars->name_length >= length_ifOutNUCastPkts + && !memcmp(objid_ifOutNUCastPkts, + vars->name, +- sizeof(objid_ifOutNUCastPkts))) { ++ sizeof(objid_ifOutNUCastPkts)) ++ && vars->type == ASN_COUNTER ++ && vars->val.integer) { + opackets += *vars->val.integer; + snmp_add_null_var(pdu, vars->name, + vars->name_length); diff --git a/net-snmp.spec b/net-snmp.spec index 9b8b59a..c6d3fb9 100644 --- a/net-snmp.spec +++ b/net-snmp.spec @@ -11,7 +11,7 @@ Summary: A collection of SNMP protocol tools and libraries Name: net-snmp Version: 5.7.3 -Release: 4%{?dist} +Release: 5%{?dist} Epoch: 1 License: BSD @@ -41,6 +41,7 @@ Patch8: net-snmp-5.7.2-autoreconf.patch Patch9: net-snmp-5.7-agentx-crash.patch Patch10: net-snmp-5.5-agentx-disconnect-crash.patch Patch11: net-snmp-5.7.2-cert-path.patch +Patch12: net-snmp-5.7.3-snmpstatus-null.patch Requires(post): chkconfig Requires(preun): chkconfig @@ -208,6 +209,7 @@ cp %{SOURCE12} . %patch9 -p1 -b .agentx-crash %patch10 -p1 -b .agentx-disconnect-crash %patch11 -p1 -b .cert-path +%patch12 -p1 -b .snmpstatus-null %ifarch sparc64 s390 s390x # disable failing test - see https://bugzilla.redhat.com/show_bug.cgi?id=680697 @@ -515,6 +517,9 @@ rm -rf ${RPM_BUILD_ROOT} %endif %changelog +* Fri Jun 26 2015 Jan Safranek - 1:5.7.3-5 +- Fixed snmpstatus crashing when receiving invalid response (#1233738) + * Wed Jun 17 2015 Fedora Release Engineering - 1:5.7.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild