pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/net-snmp patch (in 4 parts) for CVE-2012-6151 from
details: https://anonhg.NetBSD.org/pkgsrc/rev/cfda9cd764f4
branches: trunk
changeset: 629736:cfda9cd764f4
user: spz <spz%pkgsrc.org@localhost>
date: Sun Jan 26 21:33:06 2014 +0000
description:
patch (in 4 parts) for CVE-2012-6151 from
http://sourceforge.net/p/net-snmp/patches/_discuss/thread/36675011/e98b/attachment/alt-cancel-next-walk-v2.patch
diffstat:
net/net-snmp/Makefile | 4 +-
net/net-snmp/distinfo | 6 +-
net/net-snmp/patches/patch-agent_mibgroup_agentx_master.c | 31 ++
net/net-snmp/patches/patch-agent_mibgroup_agentx_master_admin.c | 15 +
net/net-snmp/patches/patch-agent_snmp__agent.c | 151 ++++++++++
net/net-snmp/patches/patch-include_net-snmp_agent_snmp__agent.h | 33 ++
6 files changed, 237 insertions(+), 3 deletions(-)
diffs (292 lines):
diff -r 743a68e4442b -r cfda9cd764f4 net/net-snmp/Makefile
--- a/net/net-snmp/Makefile Sun Jan 26 17:00:29 2014 +0000
+++ b/net/net-snmp/Makefile Sun Jan 26 21:33:06 2014 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.99 2013/11/05 17:40:30 joerg Exp $
+# $NetBSD: Makefile,v 1.100 2014/01/26 21:33:06 spz Exp $
DISTNAME= net-snmp-5.7.2
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= net
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=net-snmp/}
diff -r 743a68e4442b -r cfda9cd764f4 net/net-snmp/distinfo
--- a/net/net-snmp/distinfo Sun Jan 26 17:00:29 2014 +0000
+++ b/net/net-snmp/distinfo Sun Jan 26 21:33:06 2014 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.79 2013/11/29 12:59:51 joerg Exp $
+$NetBSD: distinfo,v 1.80 2014/01/26 21:33:06 spz Exp $
SHA1 (net-snmp-5.7.2.tar.gz) = c493027907f32400648244d81117a126aecd27ee
RMD160 (net-snmp-5.7.2.tar.gz) = 392d643e9f2f42ee4fa688b4702329ad005ee12e
@@ -6,6 +6,8 @@
SHA1 (patch-ac) = 59987ecb9467b1cead9af3d4432a4dd69be93480
SHA1 (patch-af) = 4fb96b79f9126dedb8a132d44894ea23c9e8c101
SHA1 (patch-ag) = d9595eceeb5ee986ab4365f62e3c3ab339e605aa
+SHA1 (patch-agent_mibgroup_agentx_master.c) = c2b3f145280e3fecc26a431ec914cf89d87a17f4
+SHA1 (patch-agent_mibgroup_agentx_master_admin.c) = 3c233c1e3113fbc9c1de34cb4cbacca9ef4a6fe2
SHA1 (patch-agent_mibgroup_hardware_cpu_cpu__sysctl.c) = 346bb4cb0e905821aa3bbdda4ae0fd8526d35854
SHA1 (patch-agent_mibgroup_hardware_fsys_fsys_getfsstats.c) = 7fc48c58c8f5bc73caaf3990ef61a94fb856e208
SHA1 (patch-agent_mibgroup_hardware_memory_memory__netbsd.c) = f04d66f823bf2b49401e6d9a62db4b39ed679907
@@ -14,6 +16,7 @@
SHA1 (patch-agent_mibgroup_mibII_ipv6.c) = d6a271145e6ba774cbc1e93caa14e3d22dc43075
SHA1 (patch-agent_mibgroup_mibII_tcpTable.c) = f547f3fd08848803cbf7ce08a41ba463c4d02992
SHA1 (patch-agent_mibgroup_mibII_udpTable.c) = 2eb5e5c05ecb23f69cbb0d38a31e14d5b5ddc6b7
+SHA1 (patch-agent_snmp__agent.c) = 2dbfea907d0e1881f5d55c5b270984fc3a562da9
SHA1 (patch-ai) = 04c2a487bad8705c9725ef4a62016051d3898970
SHA1 (patch-aj) = d110e996d0538d17251d39a5eed46df6944ba0fa
SHA1 (patch-ak) = 50ac67db8a9ffc16d983b4192e74db25ef439321
@@ -27,5 +30,6 @@
SHA1 (patch-du) = 89a77e82d881207500fb45c422b66710e44c0eb4
SHA1 (patch-el) = b85dbef28e14fe29c9fb944508a08e7423a37152
SHA1 (patch-es) = 7336d905bac315f344f93664e4118332f88fb6ee
+SHA1 (patch-include_net-snmp_agent_snmp__agent.h) = 2139d849b0ffe004a72f3276a98c0d2cb72dca18
SHA1 (patch-include_net-snmp_system_netbsd.h) = 7880fded678147b2cc75e035234b89727e213d00
SHA1 (patch-perl_agent_Makefile.PL) = 722380debeda1552b74b60ff91cea3cbbc716e74
diff -r 743a68e4442b -r cfda9cd764f4 net/net-snmp/patches/patch-agent_mibgroup_agentx_master.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-agent_mibgroup_agentx_master.c Sun Jan 26 21:33:06 2014 +0000
@@ -0,0 +1,31 @@
+$NetBSD: patch-agent_mibgroup_agentx_master.c,v 1.1 2014/01/26 21:33:06 spz Exp $
+
+patch for CVE-2012-6151 from
+http://sourceforge.net/p/net-snmp/patches/_discuss/thread/36675011/e98b/attachment/alt-cancel-next-walk-v2.patch
+
+--- agent/mibgroup/agentx/master.c.orig 2012-10-09 22:28:58.000000000 +0000
++++ agent/mibgroup/agentx/master.c
+@@ -219,7 +219,13 @@ agentx_got_response(int operation,
+ if (!cache) {
+ DEBUGMSGTL(("agentx/master", "response too late on session %8p\n",
+ session));
+- return 0;
++ /*
++ * Response is too late, free the cache and return 1
++ * so that the session pending request list item can be deleted
++ */
++ if (magic)
++ netsnmp_free_delegated_cache((netsnmp_delegated_cache*) magic);
++ return 1;
+ }
+ requests = cache->requests;
+
+@@ -606,6 +612,8 @@ agentx_master_handler(netsnmp_mib_handle
+ result = snmp_async_send(ax_session, pdu, agentx_got_response, cb_data);
+ if (result == 0) {
+ snmp_free_pdu(pdu);
++ if (cb_data)
++ netsnmp_free_delegated_cache((netsnmp_delegated_cache*) cb_data);
+ }
+
+ return SNMP_ERR_NOERROR;
diff -r 743a68e4442b -r cfda9cd764f4 net/net-snmp/patches/patch-agent_mibgroup_agentx_master_admin.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-agent_mibgroup_agentx_master_admin.c Sun Jan 26 21:33:06 2014 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-agent_mibgroup_agentx_master_admin.c,v 1.1 2014/01/26 21:33:06 spz Exp $
+
+patch for CVE-2012-6151 from
+http://sourceforge.net/p/net-snmp/patches/_discuss/thread/36675011/e98b/attachment/alt-cancel-next-walk-v2.patch
+
+--- agent/mibgroup/agentx/master_admin.c.orig 2012-10-09 22:28:58.000000000 +0000
++++ agent/mibgroup/agentx/master_admin.c
+@@ -153,6 +153,7 @@ close_agentx_session(netsnmp_session * s
+ for (sp = session->subsession; sp != NULL; sp = sp->next) {
+
+ if (sp->sessid == sessid) {
++ netsnmp_remove_delegated_requests_for_session(sp);
+ unregister_mibs_by_session(sp);
+ unregister_index_by_session(sp);
+ unregister_sysORTable_by_session(sp);
diff -r 743a68e4442b -r cfda9cd764f4 net/net-snmp/patches/patch-agent_snmp__agent.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-agent_snmp__agent.c Sun Jan 26 21:33:06 2014 +0000
@@ -0,0 +1,151 @@
+$NetBSD: patch-agent_snmp__agent.c,v 1.1 2014/01/26 21:33:06 spz Exp $
+
+patch for CVE-2012-6151 from
+http://sourceforge.net/p/net-snmp/patches/_discuss/thread/36675011/e98b/attachment/alt-cancel-next-walk-v2.patch
+
+--- agent/snmp_agent.c.orig 2012-10-09 22:28:58.000000000 +0000
++++ agent/snmp_agent.c
+@@ -1409,6 +1409,7 @@ init_agent_snmp_session(netsnmp_session
+ asp->treecache_num = -1;
+ asp->treecache_len = 0;
+ asp->reqinfo = SNMP_MALLOC_TYPEDEF(netsnmp_agent_request_info);
++ asp->flags = SNMP_AGENT_FLAGS_NONE;
+ DEBUGMSGTL(("verbose:asp", "asp %p reqinfo %p created\n",
+ asp, asp->reqinfo));
+
+@@ -1458,6 +1459,9 @@ netsnmp_check_for_delegated(netsnmp_agen
+ if (NULL == asp->treecache)
+ return 0;
+
++ if (asp->flags & SNMP_AGENT_FLAGS_CANCEL_IN_PROGRESS)
++ return 0;
++
+ for (i = 0; i <= asp->treecache_num; i++) {
+ for (request = asp->treecache[i].requests_begin; request;
+ request = request->next) {
+@@ -1535,39 +1539,48 @@ int
+ netsnmp_remove_delegated_requests_for_session(netsnmp_session *sess)
+ {
+ netsnmp_agent_session *asp;
+- int count = 0;
++ int total_count = 0;
+
+ for (asp = agent_delegated_list; asp; asp = asp->next) {
+ /*
+ * check each request
+ */
++ int i;
++ int count = 0;
+ netsnmp_request_info *request;
+- for(request = asp->requests; request; request = request->next) {
+- /*
+- * check session
+- */
+- netsnmp_assert(NULL!=request->subtree);
+- if(request->subtree->session != sess)
+- continue;
+-
+- /*
+- * matched! mark request as done
+- */
+- netsnmp_request_set_error(request, SNMP_ERR_GENERR);
+- ++count;
++ for (i = 0; i <= asp->treecache_num; i++) {
++ for(request = asp->requests; request;
++ request = request->next) {
++ /*
++ * check session
++ */
++ netsnmp_assert(NULL!=request->subtree);
++ if(request->subtree->session != sess)
++ continue;
++
++ /*
++ * matched! mark request as done
++ */
++ netsnmp_request_set_error(request, SNMP_ERR_GENERR);
++ ++count;
++ }
++ }
++ if (count) {
++ asp->flags |= SNMP_AGENT_FLAGS_CANCEL_IN_PROGRESS;
++ total_count += count;
+ }
+ }
+
+ /*
+ * if we found any, that request may be finished now
+ */
+- if(count) {
++ if(total_count) {
+ DEBUGMSGTL(("snmp_agent", "removed %d delegated request(s) for session "
+- "%8p\n", count, sess));
+- netsnmp_check_outstanding_agent_requests();
++ "%8p\n", total_count, sess));
++ netsnmp_check_delegated_requests();
+ }
+
+- return count;
++ return total_count;
+ }
+
+ int
+@@ -2739,13 +2752,8 @@ handle_var_requests(netsnmp_agent_sessio
+ return final_status;
+ }
+
+-/*
+- * loop through our sessions known delegated sessions and check to see
+- * if they've completed yet. If there are no more delegated sessions,
+- * check for and process any queued requests
+- */
+ void
+-netsnmp_check_outstanding_agent_requests(void)
++netsnmp_check_delegated_requests(void)
+ {
+ netsnmp_agent_session *asp, *prev_asp = NULL, *next_asp = NULL;
+
+@@ -2790,6 +2798,22 @@ netsnmp_check_outstanding_agent_requests
+ prev_asp = asp;
+ }
+ }
++}
++
++/*
++ * loop through our sessions known delegated sessions and check to see
++ * if they've completed yet. If there are no more delegated sessions,
++ * check for and process any queued requests
++ */
++void
++netsnmp_check_outstanding_agent_requests(void)
++{
++ netsnmp_agent_session *asp;
++
++ /*
++ * deal with delegated requests
++ */
++ netsnmp_check_delegated_requests();
+
+ /*
+ * if we are processing a set and there are more delegated
+@@ -2819,7 +2843,8 @@ netsnmp_check_outstanding_agent_requests
+
+ netsnmp_processing_set = netsnmp_agent_queued_list;
+ DEBUGMSGTL(("snmp_agent", "SET request remains queued while "
+- "delegated requests finish, asp = %8p\n", asp));
++ "delegated requests finish, asp = %8p\n",
++ agent_delegated_list));
+ break;
+ }
+ #endif /* NETSNMP_NO_WRITE_SUPPORT */
+@@ -2880,6 +2905,10 @@ check_delayed_request(netsnmp_agent_sess
+ case SNMP_MSG_GETBULK:
+ case SNMP_MSG_GETNEXT:
+ netsnmp_check_all_requests_status(asp, 0);
++ if (asp->flags & SNMP_AGENT_FLAGS_CANCEL_IN_PROGRESS) {
++ DEBUGMSGTL(("snmp_agent","canceling next walk for asp %p\n", asp));
++ break;
++ }
+ handle_getnext_loop(asp);
+ if (netsnmp_check_for_delegated(asp) &&
+ netsnmp_check_transaction_id(asp->pdu->transid) !=
diff -r 743a68e4442b -r cfda9cd764f4 net/net-snmp/patches/patch-include_net-snmp_agent_snmp__agent.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-include_net-snmp_agent_snmp__agent.h Sun Jan 26 21:33:06 2014 +0000
@@ -0,0 +1,33 @@
+$NetBSD: patch-include_net-snmp_agent_snmp__agent.h,v 1.1 2014/01/26 21:33:06 spz Exp $
+
+patch for CVE-2012-6151 from
+http://sourceforge.net/p/net-snmp/patches/_discuss/thread/36675011/e98b/attachment/alt-cancel-next-walk-v2.patch
+
+--- include/net-snmp/agent/snmp_agent.h.orig 2012-10-09 22:28:58.000000000 +0000
++++ include/net-snmp/agent/snmp_agent.h
+@@ -32,6 +32,9 @@ extern "C" {
+ #define SNMP_MAX_PDU_SIZE 64000 /* local constraint on PDU size sent by agent
+ * (see also SNMP_MAX_MSG_SIZE in snmp_api.h) */
+
++#define SNMP_AGENT_FLAGS_NONE 0x0
++#define SNMP_AGENT_FLAGS_CANCEL_IN_PROGRESS 0x1
++
+ /*
+ * If non-zero, causes the addresses of peers to be logged when receptions
+ * occur.
+@@ -205,6 +208,7 @@ extern "C" {
+ int treecache_num; /* number of current cache entries */
+ netsnmp_cachemap *cache_store;
+ int vbcount;
++ int flags;
+ } netsnmp_agent_session;
+
+ /*
+@@ -240,6 +244,7 @@ extern "C" {
+ int init_master_agent(void);
+ void shutdown_master_agent(void);
+ int agent_check_and_process(int block);
++ void netsnmp_check_delegated_requests(void);
+ void netsnmp_check_outstanding_agent_requests(void);
+
+ int netsnmp_request_set_error(netsnmp_request_info *request,
Home |
Main Index |
Thread Index |
Old Index