packages/net-snmp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
net-snmp/backport-libsnmp-Fix-more-undefined-behavior-in-asn_build_int.patch
zhaoyuxing 75e80a4888 fix memory leak
2021-09-17 08:55:31 +08:00

30 lines
1018 B
Diff
Raw Blame History

From b9308221b1d0c1f77c8b2511e196376dc2870211 Mon Sep 17 00:00:00 2001
From: Bart Van Assche <bvanassche@acm.org>
Date: Sun, 29 Aug 2021 09:25:06 -0700
Subject: [PATCH] libsnmp: Fix more undefined behavior in asn_build_int()
According to the C standard, triggering an overflow by shifting a signed
integer left results in undefined behavior. Fix this by inserting a cast.
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37808
---
snmplib/asn1.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/snmplib/asn1.c b/snmplib/asn1.c
index 959ae21..07bdcc6 100644
--- a/snmplib/asn1.c
+++ b/snmplib/asn1.c
@@ -771,7 +771,7 @@ asn_build_int(u_char * data,
while ((((integer & mask) == 0) || ((integer & mask) == mask))
&& intsize > 1) {
intsize--;
- integer <<= 8;
+ integer = (u_long)integer << 8;
}
data = asn_build_header(data, datalength, type, intsize);
if (_asn_build_header_check(errpre, data, *datalength, intsize))
--
1.8.3.1
Reference in New Issue View Git Blame Copy Permalink