packages/net-snmp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sync upstream patches to fix Buffer overflow

Browse Source
This commit is contained in:
xingwei 2024-10-29 11:52:57 +00:00
parent 4f3f80525d
commit d4f82dcdcd
3 changed files with 70 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
backport-libsnmp-Fix-a-buffer-overflow-in-setup_engineID.patch Normal file
View File

@ -0,0 +1,33 @@
From fbdf2ed2e0bb06050d314e008a34d9ecdb84be17 Mon Sep 17 00:00:00 2001
From: Bart Van Assche <bvanassche@acm.org>
Date: Mon, 28 Oct 2024 09:21:45 -0700
Subject: [PATCH] libsnmp: Fix a buffer overflow in setup_engineID()
See also https://github.com/net-snmp/net-snmp/issues/732.
Conflict:NA
Reference:https://github.com/net-snmp/net-snmp/commit/fbdf2ed2e0bb06050d314e008a34d9ecdb84be17
diff --git a/snmplib/snmpv3.c b/snmplib/snmpv3.c
index ebb9a9caef..f453ad8fbe 100644
--- a/snmplib/snmpv3.c
+++ b/snmplib/snmpv3.c
@@ -580,8 +580,13 @@ setup_engineID(u_char ** eidp, const char *text)
/*
* Allocate memory and store enterprise ID.
*/
- if ((bufp = (u_char *) calloc(1, len)) == NULL) {
- snmp_log_perror("setup_engineID malloc");
+ if (len == 0) {
+ snmp_log(LOG_ERR, "%s(): len == 0\n", __func__);
+ return -1;
+ }
+ bufp = calloc(1, len);
+ if (bufp == NULL) {
+ snmp_log_perror("setup_engineID() calloc()");
return -1;
}
if (localEngineIDType == ENGINEID_TYPE_NETSNMP_RND)
--
2.33.0

28
backport-snmplib-Handle-two-oldEngineID-lines-in-snmpd.conf.-.patch Normal file
View File

@ -0,0 +1,28 @@
From 20879e824851a7a188eac50fd34aac04113d7432 Mon Sep 17 00:00:00 2001
From: Niels Baggesen <nba@users.sourceforge.net>
Date: Thu, 1 Jun 2023 11:12:34 +0200
Subject: [PATCH] snmplib: Handle two oldEngineID lines in snmpd.conf. Fixes
#578
Conflict:NA
Reference:https://github.com/net-snmp/net-snmp/commit/20879e824851a7a188eac50fd34aac04113d7432
diff --git a/snmplib/snmpv3.c b/snmplib/snmpv3.c
index 2dd527544f..be9256fa11 100644
--- a/snmplib/snmpv3.c
+++ b/snmplib/snmpv3.c
@@ -862,6 +862,11 @@ version_conf(const char *word, char *cptr)
void
oldengineID_conf(const char *word, char *cptr)
{
+ if (oldEngineID) {
+ free(oldEngineID);
+ oldEngineID = NULL;
+ oldEngineIDLength = 0;
+ }
read_config_read_octet_string(cptr, &oldEngineID, &oldEngineIDLength);
}
--
2.33.0

10
net-snmp.spec
View File

@ -3,7 +3,7 @@
Name: net-snmp Name: net-snmp
Version: 5.9.3 Version: 5.9.3
Release: 3 Release: 4
Epoch: 1 Epoch: 1
Summary: SNMP Daemon Summary: SNMP Daemon
License: BSD License: BSD
@ -48,6 +48,8 @@ patch25: dump-space-around-the-equal-for-shellcheck-sc1068.patch
Patch26: net-snmp-5.9.1-IdeaUI_antic_attack.patch Patch26: net-snmp-5.9.1-IdeaUI_antic_attack.patch
Patch27: net-snmp-5.9.1-IdeaUI_reset_last_engineTime.patch Patch27: net-snmp-5.9.1-IdeaUI_reset_last_engineTime.patch
Patch28: backport-Add-Linux-6.7-compatibility-parsing-proc-net-snmp.patch Patch28: backport-Add-Linux-6.7-compatibility-parsing-proc-net-snmp.patch
Patch29: backport-snmplib-Handle-two-oldEngineID-lines-in-snmpd.conf.-.patch
Patch30: backport-libsnmp-Fix-a-buffer-overflow-in-setup_engineID.patch
%{?systemd_requires} %{?systemd_requires}
BuildRequires: systemd gcc openssl-devel bzip2-devel elfutils-devel libselinux-devel BuildRequires: systemd gcc openssl-devel bzip2-devel elfutils-devel libselinux-devel
@ -327,6 +329,12 @@ chmod 644 local/passtest
%{_mandir}/man1/fixproc* %{_mandir}/man1/fixproc*
%changelog %changelog
* Tue Oct 29 2024 xingwei <xingwei14@h-partners.com> - 1:5.9.3-4
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:Sync upstream patches to fix Buffer overflow
* Wed Sep 25 2024 xingwei <xingwei14@h-partners.com> - 1:5.9.3-3 * Wed Sep 25 2024 xingwei <xingwei14@h-partners.com> - 1:5.9.3-3
- Type:bugfix - Type:bugfix
- CVE:NA - CVE:NA