Menu
▾
▴
[Net-snmp-patches] [ net-snmp-Patches-826714 ] No boundary check on cmdline args for snmp{getnext,get,set}
|
From: SourceForge.net <no...@so...> - 2003-10-20 09:23:58
|
Patches item #826714, was opened at 2003-10-20 09:00 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=312694&aid=826714&group_id=12694 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Jeremy Puhlman (jpuhlman) Assigned to: Nobody/Anonymous (nobody) Summary: No boundary check on cmdline args for snmp{getnext,get,set} Initial Comment: There is no boundary checking on the command line arguments for snmpget, snmpgetnext and snmpset. The value is hardcoded at 128 in array initializers but the code allows you to enter as many as you want and will accept them. The end result is it is possible to walk well outside the bounds of the of the array ment to contain pointers to the Object identifiers. Attached is the pretty obvious patch. It was originally found on 4.2.6, but is still a problem in 5.0.9. The attached patch is against 5.0.9 but it applies cleanly to HEAD of cvs. The error messages probably need to be modified to reflect something more consistant with the rest of the programs, and the location of the define is probably incorrect. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=312694&aid=826714&group_id=12694 |