net_snmp: fix CVE-2018-18065
This commit is contained in:
parent
11c0d07761
commit
2f7c242953
30
pkgs/servers/monitoring/net-snmp/CVE-2018-18065.patch
Normal file
30
pkgs/servers/monitoring/net-snmp/CVE-2018-18065.patch
Normal file
@ -0,0 +1,30 @@
|
||||
commit 7ffb8e25a0db851953155de91f0170e9bf8c457d
|
||||
Author: Robert Story <rstory@freesnmp.com>
|
||||
Date: Thu Oct 6 10:43:10 2016 -0400
|
||||
|
||||
CHANGES: BUG: 2743: snmpd crashes when receiving a GetNext PDU with multiple Varbinds
|
||||
|
||||
skip out-of-range varbinds when calling next handler
|
||||
|
||||
diff --git a/agent/helpers/table.c b/agent/helpers/table.c
|
||||
index 32a08033a..2666638b5 100644
|
||||
--- a/agent/helpers/table.c
|
||||
+++ b/agent/helpers/table.c
|
||||
@@ -340,6 +340,8 @@ table_helper_handler(netsnmp_mib_handler *handler,
|
||||
else if (reqinfo->mode == MODE_GET)
|
||||
table_helper_cleanup(reqinfo, request,
|
||||
SNMP_NOSUCHOBJECT);
|
||||
+ else
|
||||
+ request->processed = 1; /* skip if next handler called */
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -409,6 +411,8 @@ table_helper_handler(netsnmp_mib_handler *handler,
|
||||
else if (reqinfo->mode == MODE_GET)
|
||||
table_helper_cleanup(reqinfo, request,
|
||||
SNMP_NOSUCHOBJECT);
|
||||
+ else
|
||||
+ request->processed = 1; /* skip if next handler called */
|
||||
continue;
|
||||
}
|
||||
/*
|
@ -19,6 +19,7 @@ stdenv.mkDerivation rec {
|
||||
(fetchAlpinePatch "fix-includes.patch" "0zpkbb6k366qpq4dax5wknwprhwnhighcp402mlm7950d39zfa3m")
|
||||
(fetchAlpinePatch "netsnmp-swinst-crash.patch" "0gh164wy6zfiwiszh58fsvr25k0ns14r3099664qykgpmickkqid")
|
||||
(fetchAlpinePatch "remove-U64-typedef.patch" "1msxyhcqkvhqa03dwb50288g7f6nbrcd9cs036m9xc8jdgjb8k8j")
|
||||
./CVE-2018-18065.patch
|
||||
];
|
||||
|
||||
preConfigure =
|
||||
|
Loading…
Reference in New Issue
Block a user