about summary refs log tree commit diff
path: root/nixpkgs/pkgs/servers/monitoring/net-snmp/CVE-2018-18065.patch
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/servers/monitoring/net-snmp/CVE-2018-18065.patch')
-rw-r--r--nixpkgs/pkgs/servers/monitoring/net-snmp/CVE-2018-18065.patch30
1 files changed, 30 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/servers/monitoring/net-snmp/CVE-2018-18065.patch b/nixpkgs/pkgs/servers/monitoring/net-snmp/CVE-2018-18065.patch
new file mode 100644
index 000000000000..c33f7bb03fa8
--- /dev/null
+++ b/nixpkgs/pkgs/servers/monitoring/net-snmp/CVE-2018-18065.patch
@@ -0,0 +1,30 @@
+commit 7ffb8e25a0db851953155de91f0170e9bf8c457d
+Author: Robert Story <rstory@freesnmp.com>
+Date:   Thu Oct 6 10:43:10 2016 -0400
+
+    CHANGES: BUG: 2743: snmpd crashes when receiving a GetNext PDU with multiple Varbinds
+    
+    skip out-of-range varbinds when calling next handler
+
+diff --git a/agent/helpers/table.c b/agent/helpers/table.c
+index 32a08033a..2666638b5 100644
+--- a/agent/helpers/table.c
++++ b/agent/helpers/table.c
+@@ -340,6 +340,8 @@ table_helper_handler(netsnmp_mib_handler *handler,
+             else if (reqinfo->mode == MODE_GET)
+                 table_helper_cleanup(reqinfo, request,
+                                      SNMP_NOSUCHOBJECT);
++            else
++                request->processed = 1; /* skip if next handler called */
+             continue;
+         }
+ 
+@@ -409,6 +411,8 @@ table_helper_handler(netsnmp_mib_handler *handler,
+                 else if (reqinfo->mode == MODE_GET)
+                     table_helper_cleanup(reqinfo, request,
+                                          SNMP_NOSUCHOBJECT);
++                else
++                    request->processed = 1; /* skip if next handler called */
+                 continue;
+             }
+             /*
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-11 18:38:16 +0000