1 |
From 4589352dac3ae111c7621298cf231742209efd9b Mon Sep 17 00:00:00 2001 |
2 |
From: Bill Fenner <fenner@gmail.com> |
3 |
Date: Fri, 25 Nov 2022 08:41:24 -0800 |
4 |
Subject: [PATCH 1/3] snmp_agent: disallow SET with NULL varbind |
5 |
|
6 |
--- |
7 |
agent/snmp_agent.c | 32 ++++++++++++++++++++++++++++++++ |
8 |
1 file changed, 32 insertions(+) |
9 |
|
10 |
diff --git a/agent/snmp_agent.c b/agent/snmp_agent.c |
11 |
index 867d0c166f..3f678fe2df 100644 |
12 |
--- a/agent/snmp_agent.c |
13 |
+++ b/agent/snmp_agent.c |
14 |
@@ -3719,12 +3719,44 @@ netsnmp_handle_request(netsnmp_agent_session *asp, int status) |
15 |
return 1; |
16 |
} |
17 |
|
18 |
+static int |
19 |
+check_set_pdu_for_null_varbind(netsnmp_agent_session *asp) |
20 |
+{ |
21 |
+ int i; |
22 |
+ netsnmp_variable_list *v = NULL; |
23 |
+ |
24 |
+ for (i = 1, v = asp->pdu->variables; v != NULL; i++, v = v->next_variable) { |
25 |
+ if (v->type == ASN_NULL) { |
26 |
+ /* |
27 |
+ * Protect SET implementations that do not protect themselves |
28 |
+ * against wrong type. |
29 |
+ */ |
30 |
+ DEBUGMSGTL(("snmp_agent", "disallowing SET with NULL var for varbind %d\n", i)); |
31 |
+ asp->index = i; |
32 |
+ return SNMP_ERR_WRONGTYPE; |
33 |
+ } |
34 |
+ } |
35 |
+ return SNMP_ERR_NOERROR; |
36 |
+} |
37 |
+ |
38 |
int |
39 |
handle_pdu(netsnmp_agent_session *asp) |
40 |
{ |
41 |
int status, inclusives = 0; |
42 |
netsnmp_variable_list *v = NULL; |
43 |
|
44 |
+#ifndef NETSNMP_NO_WRITE_SUPPORT |
45 |
+ /* |
46 |
+ * Check for ASN_NULL in SET request |
47 |
+ */ |
48 |
+ if (asp->pdu->command == SNMP_MSG_SET) { |
49 |
+ status = check_set_pdu_for_null_varbind(asp); |
50 |
+ if (status != SNMP_ERR_NOERROR) { |
51 |
+ return status; |
52 |
+ } |
53 |
+ } |
54 |
+#endif /* NETSNMP_NO_WRITE_SUPPORT */ |
55 |
+ |
56 |
/* |
57 |
* for illegal requests, mark all nodes as ASN_NULL |
58 |
*/ |
59 |
|