summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorClaudio Jeker <claudio@cvs.openbsd.org>2008-03-12 13:09:13 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2008-03-12 13:09:13 +0000
commit5a22b0c27bb2da700052d29a6d75a2a7afb2e196 (patch)
tree42b6707349a43c2806bd54dce953f2457f8477ab /usr.sbin
parentb81605e61f4c497564d9c25b9057117aa3105fed (diff)
SNMP has a restricted BER encoding especially all encodings use the
definite-length from. So bail out with an error if this is not the case. OK cloder@, reyk@ cvs: ----------------------------------------------------------------------
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/snmpd/ber.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/usr.sbin/snmpd/ber.c b/usr.sbin/snmpd/ber.c
index 0b96000f936..5610154024d 100644
--- a/usr.sbin/snmpd/ber.c
+++ b/usr.sbin/snmpd/ber.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ber.c,v 1.7 2008/03/12 13:06:09 claudio Exp $ */
+/* $OpenBSD: ber.c,v 1.8 2008/03/12 13:09:12 claudio Exp $ */
/*
* Copyright (c) 2007 Reyk Floeter <reyk@vantronix.net>
@@ -940,8 +940,7 @@ get_id(struct ber *b, unsigned long *tag, int *class, int *cstruct)
}
/*
- * extract length of a ber object -- if length is unknown a length of -1 is
- * returned.
+ * extract length of a ber object -- if length is unknown an error is returned.
*/
static ssize_t
get_len(struct ber *b, ssize_t *len)
@@ -976,8 +975,11 @@ get_len(struct ber *b, ssize_t *len)
return -1;
}
- if (s == 0)
- s = -1;
+ if (s == 0) {
+ /* invalid encoding */
+ errno = EINVAL;
+ return -1;
+ }
*len = s;
return r;