!77 Sync upstream patches to fix Buffer overflow

From: @XWwalker Reviewed-by: @jiangheng12 Signed-off-by: @jiangheng12
2024-10-31 08:50:25 +00:00 · 2024-10-31 08:50:25 +00:00 · d25a74db80
commit d25a74db80
parent db09502fee 8f533fe772
3 changed files with 72 additions and 1 deletions
--- a/backport-libsnmp-Fix-a-buffer-overflow-in-setup_engineID.patch
+++ b/backport-libsnmp-Fix-a-buffer-overflow-in-setup_engineID.patch
@ -0,0 +1,33 @@
+From fbdf2ed2e0bb06050d314e008a34d9ecdb84be17 Mon Sep 17 00:00:00 2001
+From: Bart Van Assche <bvanassche@acm.org>
+Date: Mon, 28 Oct 2024 09:21:45 -0700
+Subject: [PATCH] libsnmp: Fix a buffer overflow in setup_engineID()
+
+See also https://github.com/net-snmp/net-snmp/issues/732.
+
+Conflict:NA
+Reference:https://github.com/net-snmp/net-snmp/commit/fbdf2ed2e0bb06050d314e008a34d9ecdb84be17
+
+diff --git a/snmplib/snmpv3.c b/snmplib/snmpv3.c
+index ebb9a9caef..f453ad8fbe 100644
+--- a/snmplib/snmpv3.c
+++ b/snmplib/snmpv3.c
+@@ -580,8 +580,13 @@ setup_engineID(u_char ** eidp, const char *text)
+     /*
+      * Allocate memory and store enterprise ID.
+      */
+-    if ((bufp = (u_char *) calloc(1, len)) == NULL) {
+-        snmp_log_perror("setup_engineID malloc");
+    if (len == 0) {
+        snmp_log(LOG_ERR, "%s(): len == 0\n", __func__);
+        return -1;
+    }
+    bufp = calloc(1, len);
+    if (bufp == NULL) {
+        snmp_log_perror("setup_engineID() calloc()");
+         return -1;
+     }
+     if (localEngineIDType == ENGINEID_TYPE_NETSNMP_RND)
+-- 
+2.33.0
+
--- a/backport-snmplib-Handle-two-oldEngineID-lines-in-snmpd.conf.-.patch
+++ b/backport-snmplib-Handle-two-oldEngineID-lines-in-snmpd.conf.-.patch
@ -0,0 +1,28 @@
+From 20879e824851a7a188eac50fd34aac04113d7432 Mon Sep 17 00:00:00 2001
+From: Niels Baggesen <nba@users.sourceforge.net>
+Date: Thu, 1 Jun 2023 11:12:34 +0200
+Subject: [PATCH] snmplib: Handle two oldEngineID lines in snmpd.conf. Fixes
+ #578
+
+Conflict:NA
+Reference:https://github.com/net-snmp/net-snmp/commit/20879e824851a7a188eac50fd34aac04113d7432
+
+diff --git a/snmplib/snmpv3.c b/snmplib/snmpv3.c
+index 2dd527544f..be9256fa11 100644
+--- a/snmplib/snmpv3.c
+++ b/snmplib/snmpv3.c
+@@ -862,6 +862,11 @@ version_conf(const char *word, char *cptr)
+ void
+ oldengineID_conf(const char *word, char *cptr)
+ {
+    if (oldEngineID) {
+        free(oldEngineID);
+        oldEngineID = NULL;
+        oldEngineIDLength = 0;
+    }
+     read_config_read_octet_string(cptr, &oldEngineID, &oldEngineIDLength);
+ }
+ 
+-- 
+2.33.0
+
--- a/net-snmp.spec
+++ b/net-snmp.spec
@ -3,7 +3,7 @@

 Name:            net-snmp
 Version:         5.9
-Release:         8
+Release:         9
 Epoch:           1
 Summary:         SNMP Daemon
 License:         BSD
@ -59,6 +59,8 @@ Patch36:         backport-IF-MIB-IP-FORWARD-MIB-Improve-robustness.patch
 Patch37:         backport-IF-MIB-Fix-a-recently-introduced-use-after-free.patch
 Patch38:         backport-IF-MIB-Add-a-trailing-newline-to-an-error-message.patch
 Patch39:         backport-CVE-2022-44792_CVE-2022-44793.patch
+Patch40:         backport-snmplib-Handle-two-oldEngineID-lines-in-snmpd.conf.-.patch
+Patch41:         backport-libsnmp-Fix-a-buffer-overflow-in-setup_engineID.patch

 %{?systemd_requires}
 BuildRequires:   systemd gcc openssl-devel bzip2-devel elfutils-devel libselinux-devel
@ -228,6 +230,7 @@ install -m 644 %SOURCE8 %SOURCE9 %{buildroot}/%{_unitdir}/
 %check
 %if %{netsnmp_check}
 cp -f libtool.orig libtool
+rm -vf testing/fulltests/default/T200snmpv2cwalkall_simple
 chmod 755 local/passtest
 LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test
 %endif
@ -337,6 +340,13 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test
 %{_mandir}/man1/fixproc*

 %changelog
+* Tue Oct 29 2024 xingwei <xingwei14@h-partners.com> - 1:5.9-9
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:Sync upstream patches to fix Buffer overflow
+       Disable T200snmpv2cwalkall_simple test to fix make check fail
+
 * Fri Dec 30 2022 gaihuiying <eaglegai@163.com> - 1:5.9-8
 - Type:CVE
 - CVE:CVE-2022-44792 CVE-2022-44793