diff options
| author | Martijn van Duren <martijn@cvs.openbsd.org> | 2020-03-11 06:53:43 +0000 |
|---|---|---|
| committer | Martijn van Duren <martijn@cvs.openbsd.org> | 2020-03-11 06:53:43 +0000 |
| commit | ba651d03fbc9e5b02e1cb703d8cbcea406cf650e (patch) | |
| tree | a788e0adff12b74ca58910755965c58017e3bb65 /usr.sbin | |
| parent | b90b5ef039b3984084f5dcb9dd80623da46bdfe7 (diff) | |
Make traphandler_parse also set vbinds for SNMPv1 traps.
This also prevents the access of an initialized pointer in
traphandler_fork_handler as found by jan@.
OK jan@
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/snmpd/traphandler.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/usr.sbin/snmpd/traphandler.c b/usr.sbin/snmpd/traphandler.c index fdb38297ea4..bf8218c1202 100644 --- a/usr.sbin/snmpd/traphandler.c +++ b/usr.sbin/snmpd/traphandler.c @@ -1,4 +1,4 @@ -/* $OpenBSD: traphandler.c,v 1.15 2019/10/24 12:39:27 tb Exp $ */ +/* $OpenBSD: traphandler.c,v 1.16 2020/03/11 06:53:42 martijn Exp $ */ /* * Copyright (c) 2014 Bret Stephen Lambert <blambert@openbsd.org> @@ -232,10 +232,13 @@ traphandler_parse(char *buf, size_t n, struct ber_element **req, switch (vers) { case SNMP_V1: - if (ober_scanf_elements(elm, "{oSddd", - trapoid, >ype, &etype, uptime) == -1) + if (ober_scanf_elements(elm, "{oSddde", + trapoid, >ype, &etype, uptime, &elm) == -1) goto done; traphandler_v1translate(trapoid, gtype, etype); + if (elm->be_type != BER_TYPE_SEQUENCE) + goto done; + *vbinds = elm->be_sub; break; case SNMP_V2: |