Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #48124 from andir/18.03/net_snmp
[18.03] net_snmp: fix CVE-2018-18065
- Loading branch information
Showing
2 changed files
with
31 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
commit 7ffb8e25a0db851953155de91f0170e9bf8c457d | ||
Author: Robert Story <rstory@freesnmp.com> | ||
Date: Thu Oct 6 10:43:10 2016 -0400 | ||
|
||
CHANGES: BUG: 2743: snmpd crashes when receiving a GetNext PDU with multiple Varbinds | ||
|
||
skip out-of-range varbinds when calling next handler | ||
|
||
diff --git a/agent/helpers/table.c b/agent/helpers/table.c | ||
index 32a08033a..2666638b5 100644 | ||
--- a/agent/helpers/table.c | ||
+++ b/agent/helpers/table.c | ||
@@ -340,6 +340,8 @@ table_helper_handler(netsnmp_mib_handler *handler, | ||
else if (reqinfo->mode == MODE_GET) | ||
table_helper_cleanup(reqinfo, request, | ||
SNMP_NOSUCHOBJECT); | ||
+ else | ||
+ request->processed = 1; /* skip if next handler called */ | ||
continue; | ||
} | ||
|
||
@@ -409,6 +411,8 @@ table_helper_handler(netsnmp_mib_handler *handler, | ||
else if (reqinfo->mode == MODE_GET) | ||
table_helper_cleanup(reqinfo, request, | ||
SNMP_NOSUCHOBJECT); | ||
+ else | ||
+ request->processed = 1; /* skip if next handler called */ | ||
continue; | ||
} | ||
/* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters