Mercurial Mercurial > upstream > oracle > userland-gate / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
22956724 snmpd attempts to read memory past an allocated buffer
authorIvo Raisr <ivo.raisr@oracle.com>
Thu, 23 Jun 2016 00:20:58 -0700
changeset 6282 f8c1b6069673
parent 6281 801ca85e3dc9
child 6283 20926a1ac3fe
22956724 snmpd attempts to read memory past an allocated buffer
components/net-snmp-57/patches/064.22956724.kernel_sunos5.patch file | annotate | diff | comparison | revisions 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/net-snmp-57/patches/064.22956724.kernel_sunos5.patch	Thu Jun 23 00:20:58 2016 -0700
@@ -0,0 +1,20 @@
+This patch fixes a Solaris specific issue with buffer overrun of
+if_nameindex->if_name. Memory for this buffer is allocated by
+if_nameindex() and therefore correct string routines must be used
+to access it. The patch has been submitted to the community
+but has not been accepted yet.
+
+The details can be found in the following location
+https://sourceforge.net/p/net-snmp/bugs/2721/
+
+--- a/agent/mibgroup/kernel_sunos5.c.orig	2016-06-22 21:01:43.093780856 -0700
++++ b/agent/mibgroup/kernel_sunos5.c	2016-06-22 21:07:14.515956349 -0700
+@@ -1541,7 +1541,7 @@
+      ifnp->if_index != 0 && (i < nentries); ifnp++) {
+ 
+         DEBUGMSGTL(("kernel_sunos5", "...... getif %s\n", ifnp->if_name));
+-        memcpy(lifrp->lifr_name, ifnp->if_name, LIFNAMSIZ);
++        strlcpy(lifrp->lifr_name, ifnp->if_name, LIFNAMSIZ);
+         if_isv6 = B_FALSE;
+ 
+         flags_unknown = B_FALSE;
upstream/oracle/userland-gate