From: SourceForge.net <no...@so...> - 2010-04-20 12:48:06
|
Patches item #2971270, was opened at 2010-03-16 14:30 Message generated for change (Settings changed) made by jsafranek You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=312694&aid=2971270&group_id=12694 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None >Status: Closed >Resolution: Accepted Priority: 5 Private: No Submitted By: Jan Safranek (jsafranek) Assigned to: Nobody/Anonymous (nobody) Summary: Check types in BER tokens Initial Comment: Currently Net-SNMP does not check if a type of token in incoming message matches expected type - e.g. Request-ID is supposed to be ASN_INTEGER, but it's never checked. Incoming packets with wrong type (e.g. ASN_OCTET_STR instead of ASN_INTEGER in Request-ID) are processed and responded. These messages should be silently discarded instead. Attached patch adds basic checks to asn_parse_XXX functions. Some of them (e.g asn_parse_unsigned_int) are called to parse values of different types (e.g. ASN_COUNTER, ASN_GAUGE, ...), all of them are accepted as valid. I.e. when caller expects ASN_COUNTER and there is ASN_GAUGE in the packet, the packet is *not* discarded. The actual type should be checked by caller, but there is just too many of them to fix it everywhere... I've tested that all values returned by snmpd during walk have correct type and none of them was discarded. I've also checked that SNMPv2-MIB::snmpInASNParseErrs.0 is incremented when throwing away incoming message. I'd welcome other test ideas. ---------------------------------------------------------------------- Comment By: Jan Safranek (jsafranek) Date: 2010-04-20 14:47 Message: SVN rev. 18545. As pointed on -coders list, it may lead to compatibility problems - some apps might rely on parsing ugly ASN.1 data. Fixing bugs has higher priority though. ---------------------------------------------------------------------- Comment By: Jan Safranek (jsafranek) Date: 2010-04-20 14:47 Message: Thanks for the patch! It has been applied to the 5.5.x code branch and the main development tree, and will appear in future releases of the Net-SNMP package. ---------------------------------------------------------------------- Comment By: Robert Story (rstory) Date: 2010-03-16 18:19 Message: other than a missing 'static const char *errpre' in the int parsing routines, looks good to me... ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=312694&aid=2971270&group_id=12694 |