diff options
| author |   blambert <blambert@openbsd.org> | 2013-09-11 14:58:01 +0000 |
|---|---|---|
| committer | blambert <blambert@openbsd.org> | 2013-09-11 14:58:01 +0000 |
| commit | e92f2cdec7fb8efacc7c1558153fd9a86d71c4ed (patch) | |
| tree | c128a4dbb65554bd1c7997639248ad0790ac1206 | |
| parent | Correct type of tv_sec to time_t. (diff) | |
| download | wireguard-openbsd-e92f2cdec7fb8efacc7c1558153fd9a86d71c4ed.tar.xz wireguard-openbsd-e92f2cdec7fb8efacc7c1558153fd9a86d71c4ed.zip | |
According to ITU X.690 (ASN.1 definition document), "octet strings"
and derived types are allowed to have 0 content octets, whereas
"bitstrings" are required to have at least 1 content octet. Adjust
the checks in the trap acceptance code to allow for 0-length "octet
strings" in SNMP traps.
okay reyk@
| -rw-r--r-- | usr.sbin/snmpd/trap.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/usr.sbin/snmpd/trap.c b/usr.sbin/snmpd/trap.c index 705677e303f..77f432a422a 100644 --- a/usr.sbin/snmpd/trap.c +++ b/usr.sbin/snmpd/trap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: trap.c,v 1.17 2012/09/17 16:43:59 reyk Exp $ */ +/* $OpenBSD: trap.c,v 1.18 2013/09/11 14:58:01 blambert Exp $ */ /* * Copyright (c) 2008 Reyk Floeter <reyk@openbsd.org> @@ -107,10 +107,12 @@ trap_imsg(struct imsgev *iev, pid_t pid) a = ber_add_oidstring(a, ostr); break; case SNMP_BITSTRING: + if (sm->snmp_len < 1) + goto imsgdone; + /* FALLTHROUGH */ case SNMP_OCTETSTRING: case SNMP_IPADDR: - if ((sm->snmp_len < 1) || - (sm->snmp_len >= SNMPD_MAXSTRLEN)) + if (sm->snmp_len >= SNMPD_MAXSTRLEN) goto imsgdone; c = (u_int8_t *)(sm + 1); if (sm->snmp_type == SNMP_BITSTRING) |