From 8b959dd6a3921c35395bef4a6d7ad2426a3bd88e Mon Sep 17 00:00:00 2001
From: Shteryana Shopova <syrinx@FreeBSD.org>
Date: Fri, 1 Oct 2021 14:10:39 +0300
Subject: [PATCH] Fix bsnmpd(1) crash with ill-formed Discovery message

RFC 3414 Section 4. Discovery specifies that a discovery request message has a
varBindList left empty. Nonetheless, bsnmpd(1) should not crash when receiving
a non-zero var-bindings list in a Discovery Request message.

PR:		255214
MFC after:	2 weeks
---
 contrib/bsnmp/snmpd/main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contrib/bsnmp/snmpd/main.c b/contrib/bsnmp/snmpd/main.c
index b07308165ddd..928b84121f82 100644
--- a/contrib/bsnmp/snmpd/main.c
+++ b/contrib/bsnmp/snmpd/main.c
@@ -641,7 +641,7 @@ snmp_input_start(const u_char *buf, size_t len, const char *source,
 			pdu->engine.engine_boots = snmpd_engine.engine_boots;
 			pdu->engine.engine_time = snmpd_engine.engine_time;
 		}
-	} else if (usm_user->suser.auth_proto != SNMP_AUTH_NOAUTH &&
+	} else if (pdu->user.auth_proto != SNMP_AUTH_NOAUTH &&
 	     (pdu->engine.engine_boots == 0 || pdu->engine.engine_time == 0)) {
 		snmpd_usmstats.not_in_time_windows++;
 		ret = SNMPD_INPUT_FAILED;