From 92ccd5a82a019fbfa835cc8ab2294cf0ca48c8f2 Mon Sep 17 00:00:00 2001 From: Bart Van Assche Date: Sat, 25 May 2019 16:33:31 +0200 Subject: [PATCH] libsnmp: Move the securityStateRef check into free_securityStateRef() Instead of making each free_securityStateRef() caller check the securityStateRef pointer, move that check into free_securityStateRef(). --- agent/snmp_agent.c | 4 ++-- snmplib/snmp_api.c | 21 ++++++++++----------- 2 files changed, 12 insertions(+), 13 deletions(-) diff --git a/agent/snmp_agent.c b/agent/snmp_agent.c index 9d2355e33..b1881c96e 100644 --- a/agent/snmp_agent.c +++ b/agent/snmp_agent.c @@ -1606,9 +1606,9 @@ free_agent_snmp_session(netsnmp_agent_session *asp) asp, asp->reqinfo)); /* Clean up securityStateRef here to prevent a double free */ - if (asp->orig_pdu && asp->orig_pdu->securityStateRef) + if (asp->orig_pdu) snmp_free_securityStateRef(asp->orig_pdu); - if (asp->pdu && asp->pdu->securityStateRef) + if (asp->pdu) snmp_free_securityStateRef(asp->pdu); if (asp->orig_pdu) diff --git a/snmplib/snmp_api.c b/snmplib/snmp_api.c index 36ab2d2d8..7922ea794 100644 --- a/snmplib/snmp_api.c +++ b/snmplib/snmp_api.c @@ -4020,7 +4020,12 @@ snmpv3_parse(netsnmp_pdu *pdu, static void free_securityStateRef(netsnmp_pdu* pdu) { - struct snmp_secmod_def *sptr = find_sec_mod(pdu->securityModel); + struct snmp_secmod_def *sptr; + + if (!pdu->securityStateRef) + return; + + sptr = find_sec_mod(pdu->securityModel); if (sptr) { if (sptr->pdu_free_state_ref) { (*sptr->pdu_free_state_ref) (pdu->securityStateRef); @@ -4142,9 +4147,7 @@ snmpv3_make_report(netsnmp_pdu *pdu, int error) * FIX - yes they should but USM needs to follow new EoP to determine * which cached values to use */ - if (pdu->securityStateRef) { - free_securityStateRef(pdu); - } + free_securityStateRef(pdu); if (error == SNMPERR_USM_NOTINTIMEWINDOW) { pdu->securityLevel = SNMP_SEC_LEVEL_AUTHNOPRIV; @@ -5658,9 +5661,7 @@ _sess_process_packet_parse_pdu(void *sessp, netsnmp_session * sp, /* * Call the security model to free any securityStateRef supplied w/ msg. */ - if (pdu->securityStateRef != NULL) { - free_securityStateRef(pdu); - } + free_securityStateRef(pdu); snmp_free_pdu(pdu); return NULL; } @@ -5698,9 +5699,7 @@ _sess_process_packet_handle_pdu(void *sessp, netsnmp_session * sp, /* * Call USM to free any securityStateRef supplied with the message. */ - if (pdu->securityStateRef) { - free_securityStateRef(pdu); - } + free_securityStateRef(pdu); for (rp = isp->requests; rp; orp = rp, rp = rp->next_request) { snmp_callback callback; @@ -5845,7 +5844,7 @@ _sess_process_packet_handle_pdu(void *sessp, netsnmp_session * sp, /* * Call USM to free any securityStateRef supplied with the message. */ - if (pdu->securityStateRef && pdu->command == SNMP_MSG_TRAP2) + if (pdu->command == SNMP_MSG_TRAP2) free_securityStateRef(pdu); if (!handled) {