aboutsummaryrefslogtreecommitdiff
path: root/package/netsnmp/netsnmp-001-CVE-2014-2285.patch
blob: d7a3057d45cbab24a432367568fba52582c0e1ee (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Fix for CVE-2014-2285 from upstream:
http://sourceforge.net/p/net-snmp/patches/1275/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

--- net-snmp-5.7.3.pre3/perl/TrapReceiver/TrapReceiver.xs.null	2014-02-25 21:50:16.000000000 +0100
+++ net-snmp-5.7.3.pre3/perl/TrapReceiver/TrapReceiver.xs	2014-03-03 18:59:20.261766270 +0100
@@ -81,18 +81,18 @@ int   perl_trapd_handler( netsnmp_pdu
         STOREPDUi("securitymodel", pdu->securityModel);
         STOREPDUi("securitylevel", pdu->securityLevel);
         STOREPDU("contextName",
-                 newSVpv(pdu->contextName, pdu->contextNameLen));
+                 newSVpv(pdu->contextName ? pdu->contextName : "", pdu->contextNameLen));
         STOREPDU("contextEngineID",
-                 newSVpv((char *) pdu->contextEngineID,
+                 newSVpv(pdu->contextEngineID ? (char *) pdu->contextEngineID : "",
                                     pdu->contextEngineIDLen));
         STOREPDU("securityEngineID",
-                 newSVpv((char *) pdu->securityEngineID,
+                 newSVpv(pdu->securityEngineID ? (char *) pdu->securityEngineID : "",
                                     pdu->securityEngineIDLen));
         STOREPDU("securityName",
-                 newSVpv((char *) pdu->securityName, pdu->securityNameLen));
+                 newSVpv(pdu->securityName ? (char *) pdu->securityName : "", pdu->securityNameLen));
     } else {
         STOREPDU("community",
-                 newSVpv((char *) pdu->community, pdu->community_len));
+                 newSVpv(pdu->community ? (char *) pdu->community : "", pdu->community_len));
     }
 
     if (transport && transport->f_fmtaddr) {