rpms/net-snmp/devel net-snmp-5.5-tcp-pid.patch, NONE, 1.1 net-snmp.spec, 1.200, 1.201
Jan Šafránek
jsafrane at fedoraproject.org
Tue Jan 5 13:49:14 UTC 2010
Author: jsafrane
Update of /cvs/pkgs/rpms/net-snmp/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv26562
Modified Files:
net-snmp.spec
Added Files:
net-snmp-5.5-tcp-pid.patch
Log Message:
fix invalid access to memory in tcpListenerTable
Resolves: #551030
net-snmp-5.5-tcp-pid.patch:
tcpConnectionTable/tcpConnectionTable.c | 2 ++
tcpConnectionTable/tcpConnectionTable_data_access.c | 3 ++-
tcpListenerTable/tcpListenerTable.c | 2 ++
tcpListenerTable/tcpListenerTable_data_access.c | 3 ++-
4 files changed, 8 insertions(+), 2 deletions(-)
--- NEW FILE net-snmp-5.5-tcp-pid.patch ---
551030 - Memory corruption in TCP-MIB::tcpListenerProcess
Source: upstream, SVN rev. 17861
CHANGES: snmpd: Fixed invalid access to memory in TCP-MIB
diff --git a/agent/mibgroup/tcp-mib/tcpConnectionTable/tcpConnectionTable.c b/agent/mibgroup/tcp-mib/tcpConnectionTable/tcpConnectionTable.c
index 7259bf8..e274d19 100644
--- a/agent/mibgroup/tcp-mib/tcpConnectionTable/tcpConnectionTable.c
+++ b/agent/mibgroup/tcp-mib/tcpConnectionTable/tcpConnectionTable.c
@@ -155,6 +155,8 @@ tcpConnectionTable_rowreq_ctx_cleanup(tcpConnectionTable_rowreq_ctx *
/*
* TODO:211:o: |-> Perform extra tcpConnectionTable rowreq cleanup.
*/
+ netsnmp_access_tcpconn_entry_free(rowreq_ctx->data);
+ rowreq_ctx->data = NULL;
} /* tcpConnectionTable_rowreq_ctx_cleanup */
/**
diff --git a/agent/mibgroup/tcp-mib/tcpConnectionTable/tcpConnectionTable_data_access.c b/agent/mibgroup/tcp-mib/tcpConnectionTable/tcpConnectionTable_data_access.c
index 807dd9d..fec6bef 100644
--- a/agent/mibgroup/tcp-mib/tcpConnectionTable/tcpConnectionTable_data_access.c
+++ b/agent/mibgroup/tcp-mib/tcpConnectionTable/tcpConnectionTable_data_access.c
@@ -256,7 +256,8 @@ tcpConnectionTable_container_load(netsnmp_container *container)
* free the container. we've either claimed each entry, or released it,
* so the dal function doesn't need to clear the container.
*/
- netsnmp_access_tcpconn_container_free(raw_data, 0);
+ netsnmp_access_tcpconn_container_free(raw_data,
+ NETSNMP_ACCESS_TCPCONN_FREE_DONT_CLEAR);
DEBUGMSGT(("verbose:tcpConnectionTable:tcpConnectionTable_cache_load",
"%d records\n", (int)CONTAINER_SIZE(container)));
diff --git a/agent/mibgroup/tcp-mib/tcpListenerTable/tcpListenerTable.c b/agent/mibgroup/tcp-mib/tcpListenerTable/tcpListenerTable.c
index f3009dd..ebd672b 100644
--- a/agent/mibgroup/tcp-mib/tcpListenerTable/tcpListenerTable.c
+++ b/agent/mibgroup/tcp-mib/tcpListenerTable/tcpListenerTable.c
@@ -154,6 +154,8 @@ tcpListenerTable_rowreq_ctx_cleanup(tcpListenerTable_rowreq_ctx *
/*
* TODO:211:o: |-> Perform extra tcpListenerTable rowreq cleanup.
*/
+ netsnmp_access_tcpconn_entry_free(rowreq_ctx->data);
+ rowreq_ctx->data = NULL;
} /* tcpListenerTable_rowreq_ctx_cleanup */
/**
diff --git a/agent/mibgroup/tcp-mib/tcpListenerTable/tcpListenerTable_data_access.c b/agent/mibgroup/tcp-mib/tcpListenerTable/tcpListenerTable_data_access.c
index 09ba655..b25d5db 100644
--- a/agent/mibgroup/tcp-mib/tcpListenerTable/tcpListenerTable_data_access.c
+++ b/agent/mibgroup/tcp-mib/tcpListenerTable/tcpListenerTable_data_access.c
@@ -254,7 +254,8 @@ tcpListenerTable_container_load(netsnmp_container *container)
* free the container. we've either claimed each entry, or released it,
* so the dal function doesn't need to clear the container.
*/
- netsnmp_access_tcpconn_container_free(raw_data, 0);
+ netsnmp_access_tcpconn_container_free(raw_data,
+ NETSNMP_ACCESS_TCPCONN_FREE_DONT_CLEAR);
DEBUGMSGT(("verbose:tcpListenerTable:tcpListenerTable_cache_load",
"%d records\n", (int)CONTAINER_SIZE(container)));
Index: net-snmp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/net-snmp/devel/net-snmp.spec,v
retrieving revision 1.200
retrieving revision 1.201
diff -u -p -r1.200 -r1.201
--- net-snmp.spec 21 Dec 2009 15:56:44 -0000 1.200
+++ net-snmp.spec 5 Jan 2010 13:49:14 -0000 1.201
@@ -11,7 +11,7 @@
Summary: A collection of SNMP protocol tools and libraries
Name: net-snmp
Version: 5.5
-Release: 7%{?dist}
+Release: 8%{?dist}
Epoch: 1
License: BSD and MIT
@@ -32,6 +32,7 @@ Patch3: net-snmp-5.5-multilib.patch
Patch4: net-snmp-5.5-sensors3.patch
Patch5: net-snmp-5.5-udptable-index.patch
Patch6: net-snmp-5.5-missing-bcast.patch
+Patch7: net-snmp-5.5-tcp-pid.patch
Requires(post): chkconfig
Requires(preun): chkconfig
@@ -163,6 +164,7 @@ Net-SNMP toolkit library.
%patch4 -p1 -b .sensors
%patch5 -p1 -b .udptable-index
%patch6 -p1 -b .missing-bcast
+%patch7 -p1 -b .tcp-pid
%build
MIBS="host agentx smux \
@@ -404,6 +406,9 @@ rm -rf ${RPM_BUILD_ROOT}
%{_datadir}/snmp/mibs/*
%changelog
+* Tue Jan 5 2010 Jan Safranek <jsafrane at redhat.com> - 1:5.5-8
+- fix invalid access to memory in tcpListenerTable (#551030)
+
* Mon Dec 21 2009 Jan Safranek <jsafrane at redhat.com> - 1:5.5-7
- fix crash with interfaces without broadcast addresses (like OpenVPN's tun0)
(#544849)
More information about the fedora-extras-commits
mailing list