net-snmp/CVE-2019-20892-3.patch

From 7384a8b550d4ed4a00e41b72229cfcc124926b06 Mon Sep 17 00:00:00 2001
From: Ming Chen <ming0903@users.sourceforge.net>
Date: Wed, 5 Jun 2019 19:58:44 -0700
Subject: [PATCH] libsnmp: Fix usm_free_usmStateReference()

See also https://sourceforge.net/p/net-snmp/bugs/2923/.

Fixes: adc9b71aba91 ("snmpd: Avoid that snmpv3 bulkget errors result in a double free")
---
 snmplib/snmpusm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/snmplib/snmpusm.c b/snmplib/snmpusm.c
index ed7dc2e59..90c485c3c 100644
--- a/snmplib/snmpusm.c
+++ b/snmplib/snmpusm.c
@@ -305,7 +305,7 @@ usm_free_usmStateReference(void *old)
             SNMP_FREE(old_ref->usr_engine_id);
         if (old_ref->usr_auth_protocol_length)
             SNMP_FREE(old_ref->usr_auth_protocol);
-        if (old_ref->usr_auth_protocol_length)
+        if (old_ref->usr_priv_protocol_length)
             SNMP_FREE(old_ref->usr_priv_protocol);
 
         if (old_ref->usr_auth_key_length && old_ref->usr_auth_key) {