diff options
Diffstat (limited to 'meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2020-15861-0004.patch')
-rw-r--r-- | meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2020-15861-0004.patch | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2020-15861-0004.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2020-15861-0004.patch new file mode 100644 index 0000000000..f0e709636e --- /dev/null +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2020-15861-0004.patch @@ -0,0 +1,33 @@ +From 545742d1867d70a645a63161ede4a391456691fc Mon Sep 17 00:00:00 2001 +From: Bill Fenner <fenner@gmail.com> +Date: Mon, 3 Jun 2019 10:01:08 -0700 +Subject: [PATCH 4/5] libsnmp: free filenames from directory listing + +Free each filename as we use it, as well as freeing the +list of filenames. + +Fixes: 2b3e300ade4a ("CHANGES: libsnmp: Scan MIB directories in alphabetical order") + +CVE: CVE-2020-15861 +Upstream-Status: Backport [https://github.com/net-snmp/net-snmp/commit/2968b455e6f182f329746e2bca1043f368618c73] + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + snmplib/parse.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/snmplib/parse.c b/snmplib/parse.c +index 0414337..7f98542 100644 +--- a/snmplib/parse.c ++++ b/snmplib/parse.c +@@ -5037,6 +5037,7 @@ add_mibdir(const char *dirname) + for (i = 0; i < filename_count; i++) { + if (add_mibfile(filenames[i], strrchr(filenames[i], '/'), ip) == 0) + count++; ++ free(filenames[i]); + } + File = oldFile; + if (ip) +-- +2.17.1 + |