~ubuntu-branches/ubuntu/natty/net-snmp/natty-security

Viewing changes to agent/mibgroup/agent/extend.c

Committer: Package Import Robot
Author(s): Marc Deslauriers
Date: 2012-05-22 16:52:01 UTC
Revision ID: package-import@ubuntu.com-20120522165201-af2hvmkvib3fnjq6

Tags: 5.4.3~dfsg-2ubuntu1.1

* SECURITY UPDATE: denial of service via SNMP GET with non-existent
  extension table entry
  - debian/patches/CVE-2012-2141.patch: validate line_idx in
    agent/mibgroup/agent/extend.c.
  - CVE-2012-2141

files added:
.pc/CVE-2012-2141.patch

.pc/CVE-2012-2141.patch/agent

.pc/CVE-2012-2141.patch/agent/mibgroup

.pc/CVE-2012-2141.patch/agent/mibgroup/agent

.pc/CVE-2012-2141.patch/agent/mibgroup/agent/extend.c

debian/patches/CVE-2012-2141.patch

files modified:
.pc/applied-patches

agent/mibgroup/agent/extend.c

debian/changelog

debian/control

debian/patches/series

Show diffs side-by-side

added added

removed removed

agent/mibgroup/agent/extend.c

1124

* ...and check the line requested is valid

1125

1126

line_idx = *table_info->indexes->next_variable->val.integer;

1127

if (eptr->numlines < line_idx)

1127

if (line_idx < 1 || line_idx > eptr->numlines)

1128

return NULL;

1129

}

1130

return eptr;

1297

* Determine which line we've been asked for....

1298

1299

line_idx = *table_info->indexes->next_variable->val.integer;

1300

if (line_idx < 1 || line_idx > extension->numlines) {

1301

netsnmp_set_request_error(reqinfo, request, SNMP_NOSUCHINSTANCE);

1302

continue;

1303

}

1300

1304

cp = extension->lines[line_idx-1];

1301

1305

1302

1306

Older »