[pkgsrc/trunk]: pkgsrc/net/tcl-scotty Add some more protection against miscod...

[he <he%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/dfce53f5adb5
branches:  trunk
changeset: 375477:dfce53f5adb5
user:      he <he%pkgsrc.org@localhost>
date:      Mon Feb 12 14:52:14 2018 +0000

description:
Add some more protection against miscoded/corrupted OIDs.
Bump PKGREVISION.

diffstat:

 net/tcl-scotty/Makefile                         |   4 ++--
 net/tcl-scotty/distinfo                         |   4 ++--
 net/tcl-scotty/patches/patch-tnm_snmp_tnmAsn1.c |  22 ++++++++++++++++++++--
 3 files changed, 24 insertions(+), 6 deletions(-)

diffs (68 lines):

diff -r 3f4da117a60d -r dfce53f5adb5 net/tcl-scotty/Makefile
--- a/net/tcl-scotty/Makefile   Mon Feb 12 11:03:53 2018 +0000
+++ b/net/tcl-scotty/Makefile   Mon Feb 12 14:52:14 2018 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.41 2018/02/02 13:55:28 he Exp $
+# $NetBSD: Makefile,v 1.42 2018/02/12 14:52:14 he Exp $
 #
 
 DISTNAME=      scotty-${DIST_VERS}
 PKGNAME=       tcl-scotty-${DIST_VERS}
-PKGREVISION=   14
+PKGREVISION=   15
 CATEGORIES=    net tcl
 MASTER_SITES=  ftp://ftp.ibr.cs.tu-bs.de/pub/local/tkined/
 
diff -r 3f4da117a60d -r dfce53f5adb5 net/tcl-scotty/distinfo
--- a/net/tcl-scotty/distinfo   Mon Feb 12 11:03:53 2018 +0000
+++ b/net/tcl-scotty/distinfo   Mon Feb 12 14:52:14 2018 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.23 2018/02/02 13:56:09 he Exp $
+$NetBSD: distinfo,v 1.24 2018/02/12 14:52:14 he Exp $
 
 SHA1 (scotty-2.1.11.tar.gz) = 819011f908c57e4591d6f50e51677c01eb55dc13
 RMD160 (scotty-2.1.11.tar.gz) = 3b4d45f3db73f05b49a46017bf2ffed6d6464b00
@@ -26,7 +26,7 @@
 SHA1 (patch-tnm_generic_tnmUdp.c) = ceaa4f32a379b3c697405ae1bc22d7c5a4775982
 SHA1 (patch-tnm_generic_tnmUtil.c) = 0c9216365ab2059e7e064439bfb8df8341afe1b9
 SHA1 (patch-tnm_snmp_straps.c) = 3ec9baf566ab4cabd09de98ca1c3a689d9335b8c
-SHA1 (patch-tnm_snmp_tnmAsn1.c) = a14c3690614ec979246c906dea6b0da7356e1204
+SHA1 (patch-tnm_snmp_tnmAsn1.c) = 971bc2048e44747d1ffa66e79341c6a84c3ccda7
 SHA1 (patch-tnm_snmp_tnmAsn1.h) = 09b036aea74fdc187fedb72db520a701f217ca57
 SHA1 (patch-tnm_snmp_tnmMib.h) = f98655ed6f69479d91b91524397897c355cf7453
 SHA1 (patch-tnm_snmp_tnmMibParser.c) = ef22293224b42f90dc900d63f54ae78c34e74e6b
diff -r 3f4da117a60d -r dfce53f5adb5 net/tcl-scotty/patches/patch-tnm_snmp_tnmAsn1.c
--- a/net/tcl-scotty/patches/patch-tnm_snmp_tnmAsn1.c   Mon Feb 12 11:03:53 2018 +0000
+++ b/net/tcl-scotty/patches/patch-tnm_snmp_tnmAsn1.c   Mon Feb 12 14:52:14 2018 +0000
@@ -1,7 +1,7 @@
-$NetBSD: patch-tnm_snmp_tnmAsn1.c,v 1.2 2018/02/02 13:55:29 he Exp $
+$NetBSD: patch-tnm_snmp_tnmAsn1.c,v 1.3 2018/02/12 14:52:14 he Exp $
 
 Constify.
-Provide minimal robustness against mis-coded OIDs.
+Provide some robustness against mis-coded OIDs.
 
 --- tnm/snmp/tnmAsn1.c.orig    1996-07-29 21:33:44.000000000 +0000
 +++ tnm/snmp/tnmAsn1.c
@@ -61,3 +61,21 @@
      
      if (asnlen == 1 && (*packet % 40 == *packet)) {
        *oid       = *packet++;
+@@ -939,12 +945,16 @@ Tnm_BerDecOID(packet, packetlen, oid, oi
+ 
+     while (asnlen > 0) {
+       memset((char *) op, 0, sizeof(oid));
+-      while (*packet > 0x7F) {
++      while (*packet > 0x7F && asnlen > 0) {
+           /* hansb%aie.nl@localhost (Hans Bayle) had problems with SCO. */
+           *op = ( *op << 7 ) + ( *packet++ & 0x7F );
+           asnlen     -= 1;
+           *packetlen += 1;
+       }
++      if (asnlen == 0) {
++          strcpy(error, "OID decode: miscoded, ran out of data");
++          return NULL;
++      }
+ 
+       *op = ( *op << 7 ) + ( *packet++ );
+       op         += 1;