1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
From 50118392c58c8d9554580373c0dbc542336b58a9 Mon Sep 17 00:00:00 2001
From: Bart Van Assche <bvanassche@acm.org>
Date: Thu, 16 May 2019 13:49:05 +0200
Subject: [PATCH 2/5] libsnmp: Fix two recently introduced issues in the MIB
parsing code
Ensure that the first argument passed to qsort() is not NULL. Free the memory
that holds the directory contents.
Fixes: 2b3e300ade4a ("CHANGES: libsnmp: Scan MIB directories in alphabetical order")
CVE: CVE-2020-15861
Upstream-Status: Backport [https://github.com/net-snmp/net-snmp/commit/9cfb38b0aa95363da1466ca81dd929989ba27c1f]
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
---
snmplib/parse.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/snmplib/parse.c b/snmplib/parse.c
index 51d119b..200ba25 100644
--- a/snmplib/parse.c
+++ b/snmplib/parse.c
@@ -4961,7 +4961,8 @@ static int scan_directory(char ***result, const char *dirname)
}
closedir(dir);
- qsort(filenames, filename_count, sizeof(filenames[0]), elemcmp);
+ if (filenames)
+ qsort(filenames, filename_count, sizeof(filenames[0]), elemcmp);
*result = filenames;
return filename_count;
@@ -5040,6 +5041,7 @@ add_mibdir(const char *dirname)
File = oldFile;
if (ip)
fclose(ip);
+ free(filenames);
return (count);
}
else
--
2.17.1
|
