summaryrefslogtreecommitdiffstats
path: root/contrib/bsnmp
diff options
context:
space:
mode:
authordelphij <delphij@FreeBSD.org>2014-01-14 19:02:14 +0000
committerdelphij <delphij@FreeBSD.org>2014-01-14 19:02:14 +0000
commitdefa475beb4d8f68d025a712cd3461cff6823da7 (patch)
treeb4be5a24b38d40d3188b79fe77936170c87905dd /contrib/bsnmp
parentb405aa87ad83bc16c9b28571bd0fe2d34d9ebf25 (diff)
downloadFreeBSD-src-defa475beb4d8f68d025a712cd3461cff6823da7.zip
FreeBSD-src-defa475beb4d8f68d025a712cd3461cff6823da7.tar.gz
MFC r260636:
Fix bsnmpd remote denial of service vulnerability. Reported by: dinoex Submitted by: harti Security: FreeBSD-SA-14:01.bsnmpd Security: CVE-2014-1452
Diffstat (limited to 'contrib/bsnmp')
-rw-r--r--contrib/bsnmp/lib/snmpagent.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/contrib/bsnmp/lib/snmpagent.c b/contrib/bsnmp/lib/snmpagent.c
index 888d622..865b9b6 100644
--- a/contrib/bsnmp/lib/snmpagent.c
+++ b/contrib/bsnmp/lib/snmpagent.c
@@ -499,6 +499,11 @@ snmp_getbulk(struct snmp_pdu *pdu, struct asn_buf *resp_b,
for (cnt = 0; cnt < pdu->error_index; cnt++) {
eomib = 1;
for (i = non_rep; i < pdu->nbindings; i++) {
+
+ if (resp->nbindings == SNMP_MAX_BINDINGS)
+ /* PDU is full */
+ goto done;
+
if (cnt == 0)
result = do_getnext(&context, &pdu->bindings[i],
&resp->bindings[resp->nbindings], pdu);
OpenPOWER on IntegriCloud