| From 50118392c58c8d9554580373c0dbc542336b58a9 Mon Sep 17 00:00:00 2001 |
| From: Bart Van Assche <bvanassche@acm.org> |
| Date: Thu, 16 May 2019 13:49:05 +0200 |
| Subject: [PATCH 2/5] libsnmp: Fix two recently introduced issues in the MIB |
| parsing code |
| |
| Ensure that the first argument passed to qsort() is not NULL. Free the memory |
| that holds the directory contents. |
| |
| Fixes: 2b3e300ade4a ("CHANGES: libsnmp: Scan MIB directories in alphabetical order") |
| |
| CVE: CVE-2020-15861 |
| Upstream-Status: Backport [https://github.com/net-snmp/net-snmp/commit/9cfb38b0aa95363da1466ca81dd929989ba27c1f] |
| |
| Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> |
| --- |
| snmplib/parse.c | 4 +++- |
| 1 file changed, 3 insertions(+), 1 deletion(-) |
| |
| diff --git a/snmplib/parse.c b/snmplib/parse.c |
| index 51d119b..200ba25 100644 |
| --- a/snmplib/parse.c |
| +++ b/snmplib/parse.c |
| @@ -4961,7 +4961,8 @@ static int scan_directory(char ***result, const char *dirname) |
| } |
| closedir(dir); |
| |
| - qsort(filenames, filename_count, sizeof(filenames[0]), elemcmp); |
| + if (filenames) |
| + qsort(filenames, filename_count, sizeof(filenames[0]), elemcmp); |
| *result = filenames; |
| |
| return filename_count; |
| @@ -5040,6 +5041,7 @@ add_mibdir(const char *dirname) |
| File = oldFile; |
| if (ip) |
| fclose(ip); |
| + free(filenames); |
| return (count); |
| } |
| else |
| -- |
| 2.17.1 |
| |