Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/net-snmp-57/patches/051.19616471.patch
author David Hollister <david.hollister@oracle.com>
Wed, 12 Oct 2016 14:01:13 -0600
changeset 7094 61352b4e5af5
parent 5867 445e2cf1c845
permissions -rw-r--r--
24797203 OpenStack RBAC profiles allow reading too many files 24797238 keystone RBAC and SMF should point at Apache log files 24797256 cinder RBAC and SMF should point at Apache log files 24830959 horizon RBAC and SMF should point at Apache log files
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
5867
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     1
 
# http://sourceforge.net/p/net-snmp/code/ci/76e8d6d100320629d8a23be4b0128619600c919d/
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     2
 
# CVE-2014-2285
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     3
 
# https://security-tracker.debian.org/tracker/CVE-2014-2285
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     4
 
# The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     5
 
# Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     6
 
# remote attackers to cause a denial of service (snmptrapd crash) via an empty
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     7
 
# community string in an SNMP trap, which triggers a NULL pointer dereference
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     8
 
# within the newSVpv function in Perl.
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
     9
 
#
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    10
 
# Fix picked from upstream. Will be available in 5.7.3 and above.
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    11
 
#
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    12
 
--- net-snmp-5.7.2.1/perl/TrapReceiver/TrapReceiver.xs	Wed Feb 19 16:36:42 2014
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    13
 
+++ TrapReceiver.xs	Thu Oct 30 02:48:45 2014
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    14
 
@@ -81,18 +81,18 @@
2096
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    15
 
         STOREPDUi("securitymodel", pdu->securityModel);
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    16
 
         STOREPDUi("securitylevel", pdu->securityLevel);
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    17
 
         STOREPDU("contextName",
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    18
 
-                 newSVpv(pdu->contextName, pdu->contextNameLen));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    19
 
+                 newSVpv(pdu->contextName ? pdu->contextName : "", pdu->contextNameLen));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    20
 
         STOREPDU("contextEngineID",
5867
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    21
 
-                 newSVpv((char *) pdu->contextEngineID,
2096
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    22
 
+                 newSVpv(pdu->contextEngineID ? (char *) pdu->contextEngineID : "",
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    23
 
                                     pdu->contextEngineIDLen));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    24
 
         STOREPDU("securityEngineID",
5867
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    25
 
-                 newSVpv((char *) pdu->securityEngineID,
2096
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    26
 
+                 newSVpv(pdu->securityEngineID ? (char *) pdu->securityEngineID : "",
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    27
 
                                     pdu->securityEngineIDLen));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    28
 
         STOREPDU("securityName",
5867
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    29
 
-                 newSVpv((char *) pdu->securityName, pdu->securityNameLen));
2096
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    30
 
+                 newSVpv(pdu->securityName ? (char *) pdu->securityName : "", pdu->securityNameLen));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    31
 
     } else {
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    32
 
         STOREPDU("community",
5867
445e2cf1c845 PSARC/2014/169 Net-snmp upgrade to version 5.7.2.1
Gowtham Thommandra <Gowtham.Thommandra@Oracle.COM>
parents: 2096
diff changeset 
    33
 
-                 newSVpv((char *) pdu->community, pdu->community_len));
2096
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    34
 
+                 newSVpv(pdu->community ? (char *) pdu->community : "", pdu->community_len));
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    35
 
     }
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    36
ea57cc1059bf 19616471 problem in UTILITY/NET-SNMP
Tomas Klacko <tomas.klacko@oracle.com>
parents:
diff changeset 
    37
 
     if (transport && transport->f_fmtaddr) {
upstream/oracle/userland-gate