[pkgsrc/trunk]: pkgsrc/net/net-snmp add a patch by Jan Safranek <jsafranek@us...

[spz <spz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/1ccb66a83da4
branches:  trunk
changeset: 603944:1ccb66a83da4
user:      spz <spz%pkgsrc.org@localhost>
date:      Thu May 17 12:56:17 2012 +0000

description:
add a patch by Jan Safranek <jsafranek%users.sourceforge.net@localhost> for CVE-2012-2141
from https://bugzilla.redhat.com/attachment.cgi?id=580443 :

Check out-of-index conditions in ExtendOutput2Table.

diffstat:

 net/net-snmp/Makefile                                    |   4 +-
 net/net-snmp/distinfo                                    |   3 +-
 net/net-snmp/patches/patch-agent_mibgroup_agent_extend.c |  20 ++++++++++++++++
 3 files changed, 24 insertions(+), 3 deletions(-)

diffs (54 lines):

diff -r 7bea00c7c791 -r 1ccb66a83da4 net/net-snmp/Makefile
--- a/net/net-snmp/Makefile     Thu May 17 10:53:01 2012 +0000
+++ b/net/net-snmp/Makefile     Thu May 17 12:56:17 2012 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.88 2011/10/22 07:33:34 shattered Exp $
+# $NetBSD: Makefile,v 1.89 2012/05/17 12:56:17 spz Exp $
 
 DISTNAME=      net-snmp-5.6.1.1
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    net
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=net-snmp/}
 
diff -r 7bea00c7c791 -r 1ccb66a83da4 net/net-snmp/distinfo
--- a/net/net-snmp/distinfo     Thu May 17 10:53:01 2012 +0000
+++ b/net/net-snmp/distinfo     Thu May 17 12:56:17 2012 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.64 2011/10/17 19:40:26 shattered Exp $
+$NetBSD: distinfo,v 1.65 2012/05/17 12:56:17 spz Exp $
 
 SHA1 (net-snmp-5.6.1.1.tar.gz) = ec88ba3e0dff4d1b3d342ccebb48ea84c9fa6fa9
 RMD160 (net-snmp-5.6.1.1.tar.gz) = 9a4a83f7fe9431a0694b5fee33866ccea80fcab4
@@ -9,6 +9,7 @@
 SHA1 (patch-ae) = 54541bffecdbf4c526280bc82ffd370a59963d88
 SHA1 (patch-af) = d7641e502fd0a2969fa838fc67244cdfc6995369
 SHA1 (patch-ag) = 8f9dedcf741c4b0ea2c0150c8b0a22747ca8a313
+SHA1 (patch-agent_mibgroup_agent_extend.c) = b3b04c51e7059426963fdb4712a711e2da053a28
 SHA1 (patch-ah) = 7cea4194c858d7a8a9093eaf4426404e9202c3f1
 SHA1 (patch-ai) = 1eb3b72dcfff90c8e973590265bdb1c07b717eaa
 SHA1 (patch-aj) = e3337d01e96cc0739dbf3b1c7bde44d1126c32ae
diff -r 7bea00c7c791 -r 1ccb66a83da4 net/net-snmp/patches/patch-agent_mibgroup_agent_extend.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-agent_mibgroup_agent_extend.c  Thu May 17 12:56:17 2012 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-agent_mibgroup_agent_extend.c,v 1.1 2012/05/17 12:56:17 spz Exp $
+
+patch by Jan Safranek <jsafranek%users.sourceforge.net@localhost> for CVE-2012-2141
+from https://bugzilla.redhat.com/attachment.cgi?id=580443 :
+
+Check out-of-index conditions in ExtendOutput2Table.
+
+--- agent/mibgroup/agent/extend.c.orig 2010-07-08 11:19:15.000000000 +0000
++++ agent/mibgroup/agent/extend.c
+@@ -1309,6 +1309,10 @@ handle_nsExtendOutput2Table(netsnmp_mib_
+                  * Determine which line we've been asked for....
+                  */
+                 line_idx = *table_info->indexes->next_variable->val.integer;
++                if (line_idx < 1 || line_idx > extension->numlines) {
++                    netsnmp_set_request_error(reqinfo, request, SNMP_NOSUCHINSTANCE);
++                    continue;
++                }
+                 cp  = extension->lines[line_idx-1];
+ 
+                 /*