Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/net-snmp-57/patches/051.19616471.patch
author Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
Fri, 11 Dec 2015 03:49:26 -0800
changeset 5867 445e2cf1c845
parent 2096 components/net-snmp/patches/051.19616471.patch@ea57cc1059bf
permissions -rw-r--r--
PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1 15685782 SUNBT7005330 NET-SNMP upgrade to 5.7.2.1 15705167 SUNBT7030994 find memory leaks for snmp-notify after doing libfmnotif
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
5867
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     1
 
# http://sourceforge.net/p/net-snmp/code/ci/76e8d6d100320629d8a23be4b0128619600c919d/
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     2
 
# CVE-2014-2285
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     3
 
# https://security-tracker.debian.org/tracker/CVE-2014-2285
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     4
 
# The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     5
 
# Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     6
 
# remote attackers to cause a denial of service (snmptrapd crash) via an empty
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     7
 
# community string in an SNMP trap, which triggers a NULL pointer dereference
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     8
 
# within the newSVpv function in Perl.
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     9
 
#
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    10
 
# Fix picked from upstream. Will be available in 5.7.3 and above.
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    11
 
#
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    12
 
--- net-snmp-5.7.2.1/perl/TrapReceiver/TrapReceiver.xs	Wed Feb 19 16:36:42 2014
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    13
 
+++ TrapReceiver.xs	Thu Oct 30 02:48:45 2014
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    14
 
@@ -81,18 +81,18 @@
2096
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    15
 
         STOREPDUi("securitymodel", pdu->securityModel);
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    16
 
         STOREPDUi("securitylevel", pdu->securityLevel);
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    17
 
         STOREPDU("contextName",
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    18
 
-                 newSVpv(pdu->contextName, pdu->contextNameLen));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    19
 
+                 newSVpv(pdu->contextName ? pdu->contextName : "", pdu->contextNameLen));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    20
 
         STOREPDU("contextEngineID",
5867
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    21
 
-                 newSVpv((char *) pdu->contextEngineID,
2096
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    22
 
+                 newSVpv(pdu->contextEngineID ? (char *) pdu->contextEngineID : "",
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    23
 
                                     pdu->contextEngineIDLen));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    24
 
         STOREPDU("securityEngineID",
5867
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    25
 
-                 newSVpv((char *) pdu->securityEngineID,
2096
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    26
 
+                 newSVpv(pdu->securityEngineID ? (char *) pdu->securityEngineID : "",
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    27
 
                                     pdu->securityEngineIDLen));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    28
 
         STOREPDU("securityName",
5867
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    29
 
-                 newSVpv((char *) pdu->securityName, pdu->securityNameLen));
2096
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    30
 
+                 newSVpv(pdu->securityName ? (char *) pdu->securityName : "", pdu->securityNameLen));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    31
 
     } else {
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    32
 
         STOREPDU("community",
5867
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    33
 
-                 newSVpv((char *) pdu->community, pdu->community_len));
2096
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    34
 
+                 newSVpv(pdu->community ? (char *) pdu->community : "", pdu->community_len));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    35
 
     }
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    36
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    37
 
     if (transport && transport->f_fmtaddr) {
upstream/oracle/userland-gate