| Fix for CVE-2014-2285 from upstream: |
| http://sourceforge.net/p/net-snmp/patches/1275/ |
| |
| Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> |
| |
| --- net-snmp-5.7.3.pre3/perl/TrapReceiver/TrapReceiver.xs.null 2014-02-25 21:50:16.000000000 +0100 |
| +++ net-snmp-5.7.3.pre3/perl/TrapReceiver/TrapReceiver.xs 2014-03-03 18:59:20.261766270 +0100 |
| @@ -81,18 +81,18 @@ int perl_trapd_handler( netsnmp_pdu |
| STOREPDUi("securitymodel", pdu->securityModel); |
| STOREPDUi("securitylevel", pdu->securityLevel); |
| STOREPDU("contextName", |
| - newSVpv(pdu->contextName, pdu->contextNameLen)); |
| + newSVpv(pdu->contextName ? pdu->contextName : "", pdu->contextNameLen)); |
| STOREPDU("contextEngineID", |
| - newSVpv((char *) pdu->contextEngineID, |
| + newSVpv(pdu->contextEngineID ? (char *) pdu->contextEngineID : "", |
| pdu->contextEngineIDLen)); |
| STOREPDU("securityEngineID", |
| - newSVpv((char *) pdu->securityEngineID, |
| + newSVpv(pdu->securityEngineID ? (char *) pdu->securityEngineID : "", |
| pdu->securityEngineIDLen)); |
| STOREPDU("securityName", |
| - newSVpv((char *) pdu->securityName, pdu->securityNameLen)); |
| + newSVpv(pdu->securityName ? (char *) pdu->securityName : "", pdu->securityNameLen)); |
| } else { |
| STOREPDU("community", |
| - newSVpv((char *) pdu->community, pdu->community_len)); |
| + newSVpv(pdu->community ? (char *) pdu->community : "", pdu->community_len)); |
| } |
| |
| if (transport && transport->f_fmtaddr) { |