MFC r256678,r256680,r260986,r272878,r286402:
r256678 (by syrinx): Fix SNMP Error response PDUs and properly encode them when using v3 auth/encryption. r256680 (by syrinx): Fix the -Wconversion warnings produced when compiling the SNMP agent. r260986 (by harti): Fix a problem with OBJECT IDENTIFIER encoding: need to check the second subid to be less than 40, not the first when the first subid is 0 or 1. r272878 (by syrinx): Fix a bug in decoding string indexes in snmp_target(3), thus causing bsnmpd(1) to not send v3 notifications properly; while here add two missing return statements which could lead to abort() in case of a rollback r286402 (by araujo): Fix variable 'old' is used uninitialized whenever '&&' condition is false. Spotted by clang.
This commit is contained in:
ngie
parent
3e6a3544bf
commit
f9fe5ac105
@ -652,7 +652,7 @@ asn_put_objid(struct asn_buf *b, const struct asn_oid *oid)
|
||||
err = ASN_ERR_RANGE;
|
||||
}
|
||||
if (oid->subs[0] > 2 ||
|
||||
(oid->subs[0] < 2 && oid->subs[0] >= 40)) {
|
||||
(oid->subs[0] < 2 && oid->subs[1] >= 40)) {
|
||||
asn_error(NULL, "oid out of range (%u,%u)",
|
||||
oid->subs[0], oid->subs[1]);
|
||||
err = ASN_ERR_RANGE;
|
||||
|
||||
@ -288,11 +288,13 @@ parse_secparams(struct asn_buf *b, struct snmp_pdu *pdu)
|
||||
memset(buf, 0, 256);
|
||||
tb.asn_ptr = buf;
|
||||
tb.asn_len = 256;
|
||||
u_int len;
|
||||
|
||||
if (asn_get_octetstring(b, buf, &tb.asn_len) != ASN_ERR_OK) {
|
||||
if (asn_get_octetstring(b, buf, &len) != ASN_ERR_OK) {
|
||||
snmp_error("cannot parse usm header");
|
||||
return (ASN_ERR_FAILED);
|
||||
}
|
||||
tb.asn_len = len;
|
||||
|
||||
if (asn_get_sequence(&tb, &octs_len) != ASN_ERR_OK) {
|
||||
snmp_error("cannot decode usm header");
|
||||
@ -864,7 +866,7 @@ snmp_fix_encoding(struct asn_buf *b, struct snmp_pdu *pdu)
|
||||
return (SNMP_CODE_FAILED);
|
||||
|
||||
pdu->scoped_len = b->asn_ptr - pdu->scoped_ptr;
|
||||
if ((code = snmp_pdu_fix_padd(b, pdu))!= ASN_ERR_OK)
|
||||
if (snmp_pdu_fix_padd(b, pdu) != ASN_ERR_OK)
|
||||
return (SNMP_CODE_FAILED);
|
||||
|
||||
if (pdu->security_model != SNMP_SECMODEL_USM)
|
||||
@ -997,7 +999,7 @@ snmp_pdu_encode(struct snmp_pdu *pdu, struct asn_buf *resp_b)
|
||||
if ((err = snmp_pdu_encode_header(resp_b, pdu)) != SNMP_CODE_OK)
|
||||
return (err);
|
||||
for (idx = 0; idx < pdu->nbindings; idx++)
|
||||
if ((err = snmp_binding_encode(resp_b, &pdu->bindings[idx]))
|
||||
if (snmp_binding_encode(resp_b, &pdu->bindings[idx])
|
||||
!= ASN_ERR_OK)
|
||||
return (SNMP_CODE_FAILED);
|
||||
|
||||
|
||||
@ -182,7 +182,7 @@ struct snmp_pdu {
|
||||
|
||||
/* fixes for encoding */
|
||||
size_t outer_len;
|
||||
size_t scoped_len;
|
||||
asn_len_t scoped_len;
|
||||
u_char *outer_ptr;
|
||||
u_char *digest_ptr;
|
||||
u_char *encrypted_ptr;
|
||||
|
||||
@ -166,7 +166,7 @@ find_subnode(const struct snmp_value *value)
|
||||
}
|
||||
|
||||
static void
|
||||
snmp_pdu_create_response(struct snmp_pdu *pdu, struct snmp_pdu *resp)
|
||||
snmp_pdu_create_response(const struct snmp_pdu *pdu, struct snmp_pdu *resp)
|
||||
{
|
||||
memset(resp, 0, sizeof(*resp));
|
||||
strcpy(resp->community, pdu->community);
|
||||
@ -276,7 +276,12 @@ snmp_get(struct snmp_pdu *pdu, struct asn_buf *resp_b,
|
||||
}
|
||||
}
|
||||
|
||||
return (snmp_fix_encoding(resp_b, resp));
|
||||
if (snmp_fix_encoding(resp_b, resp) != SNMP_CODE_OK) {
|
||||
snmp_debug("get: failed to encode PDU");
|
||||
return (SNMP_RET_ERR);
|
||||
}
|
||||
|
||||
return (SNMP_RET_OK);
|
||||
}
|
||||
|
||||
static struct snmp_node *
|
||||
@ -438,7 +443,13 @@ snmp_getnext(struct snmp_pdu *pdu, struct asn_buf *resp_b,
|
||||
return (SNMP_RET_ERR);
|
||||
}
|
||||
}
|
||||
return (snmp_fix_encoding(resp_b, resp));
|
||||
|
||||
if (snmp_fix_encoding(resp_b, resp) != SNMP_CODE_OK) {
|
||||
snmp_debug("getnext: failed to encode PDU");
|
||||
return (SNMP_RET_ERR);
|
||||
}
|
||||
|
||||
return (SNMP_RET_OK);
|
||||
}
|
||||
|
||||
enum snmp_ret
|
||||
@ -542,7 +553,12 @@ snmp_getbulk(struct snmp_pdu *pdu, struct asn_buf *resp_b,
|
||||
}
|
||||
|
||||
done:
|
||||
return (snmp_fix_encoding(resp_b, resp));
|
||||
if (snmp_fix_encoding(resp_b, resp) != SNMP_CODE_OK) {
|
||||
snmp_debug("getnext: failed to encode PDU");
|
||||
return (SNMP_RET_ERR);
|
||||
}
|
||||
|
||||
return (SNMP_RET_OK);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -957,18 +973,57 @@ enum snmp_ret
|
||||
snmp_make_errresp(const struct snmp_pdu *pdu, struct asn_buf *pdu_b,
|
||||
struct asn_buf *resp_b)
|
||||
{
|
||||
u_char type;
|
||||
asn_len_t len;
|
||||
struct snmp_pdu resp;
|
||||
enum asn_err err;
|
||||
enum snmp_code code;
|
||||
|
||||
memset(&resp, 0, sizeof(resp));
|
||||
snmp_pdu_create_response(pdu, &resp);
|
||||
|
||||
if ((code = snmp_pdu_decode_header(pdu_b, &resp)) != SNMP_CODE_OK)
|
||||
return (SNMP_RET_IGN);
|
||||
|
||||
if (pdu_b->asn_len < len)
|
||||
if (pdu->version == SNMP_V3) {
|
||||
if (resp.user.priv_proto != SNMP_PRIV_NOPRIV &&
|
||||
(asn_get_header(pdu_b, &type, &resp.scoped_len) != ASN_ERR_OK
|
||||
|| type != ASN_TYPE_OCTETSTRING)) {
|
||||
snmp_error("cannot decode encrypted pdu");
|
||||
return (SNMP_RET_IGN);
|
||||
}
|
||||
|
||||
if (asn_get_sequence(pdu_b, &len) != ASN_ERR_OK) {
|
||||
snmp_error("cannot decode scoped pdu header");
|
||||
return (SNMP_RET_IGN);
|
||||
}
|
||||
|
||||
len = SNMP_ENGINE_ID_SIZ;
|
||||
if (asn_get_octetstring(pdu_b, (u_char *)resp.context_engine,
|
||||
&len) != ASN_ERR_OK) {
|
||||
snmp_error("cannot decode msg context engine");
|
||||
return (SNMP_RET_IGN);
|
||||
}
|
||||
resp.context_engine_len = len;
|
||||
len = SNMP_CONTEXT_NAME_SIZ;
|
||||
if (asn_get_octetstring(pdu_b, (u_char *)resp.context_name,
|
||||
&len) != ASN_ERR_OK) {
|
||||
snmp_error("cannot decode msg context name");
|
||||
return (SNMP_RET_IGN);
|
||||
}
|
||||
resp.context_name[len] = '\0';
|
||||
}
|
||||
|
||||
|
||||
if (asn_get_header(pdu_b, &type, &len) != ASN_ERR_OK) {
|
||||
snmp_error("cannot get pdu header");
|
||||
return (SNMP_RET_IGN);
|
||||
pdu_b->asn_len = len;
|
||||
}
|
||||
|
||||
if ((type & ~ASN_TYPE_MASK) !=
|
||||
(ASN_TYPE_CONSTRUCTED | ASN_CLASS_CONTEXT)) {
|
||||
snmp_error("bad pdu header tag");
|
||||
return (SNMP_RET_IGN);
|
||||
}
|
||||
|
||||
err = snmp_parse_pdus_hdr(pdu_b, &resp, &len);
|
||||
if (ASN_ERR_STOPPED(err))
|
||||
|
||||
@ -151,7 +151,7 @@ int
|
||||
op_ip(struct snmp_context *ctx, struct snmp_value *value,
|
||||
u_int sub, u_int idx __unused, enum snmp_op op)
|
||||
{
|
||||
int old;
|
||||
int old = 0;
|
||||
|
||||
switch (op) {
|
||||
|
||||
|
||||
@ -301,6 +301,7 @@ op_snmp_target_addrs(struct snmp_context *ctx __unused, struct snmp_value *val,
|
||||
default:
|
||||
break;
|
||||
}
|
||||
return (SNMP_ERR_NOERROR);
|
||||
|
||||
default:
|
||||
abort();
|
||||
@ -625,6 +626,7 @@ op_snmp_notify(struct snmp_context *ctx __unused, struct snmp_value *val,
|
||||
default:
|
||||
break;
|
||||
}
|
||||
return (SNMP_ERR_NOERROR);
|
||||
|
||||
default:
|
||||
abort();
|
||||
@ -663,13 +665,14 @@ target_append_index(struct asn_oid *oid, uint sub, const char *name)
|
||||
static int
|
||||
target_decode_index(const struct asn_oid *oid, uint sub, char *name)
|
||||
{
|
||||
uint32_t i, len;
|
||||
uint32_t i;
|
||||
|
||||
if ((len = oid->len - sub) >= SNMP_ADM_STR32_SIZ)
|
||||
if (oid->len - sub != oid->subs[sub] + 1 || oid->subs[sub] >=
|
||||
SNMP_ADM_STR32_SIZ)
|
||||
return (-1);
|
||||
|
||||
for (i = 0; i < len; i++)
|
||||
name[i] = oid->subs[sub + i];
|
||||
for (i = 0; i < oid->subs[sub]; i++)
|
||||
name[i] = oid->subs[sub + i + 1];
|
||||
name[i] = '\0';
|
||||
|
||||
return (0);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user