net-snmp SIGSEGV: not enough space or error in allocation for extenstion
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
logilab-common (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
When a certificate contains an extension that when printed becomes longer than 512 bytes (for example certificate transparency as used in modern certs) net-snmp crashes on startup with a SIGSEGV.
The following patches fix the problem by:
- Increasing the buffer size from 512 to 4096 bytes when dumping cert extensions.
- Checking for NULL before attempting a strchr, fixing the crash.
Bug report with fix at https:/
Individual patches:
https:/
https:/
https:/
https:/
Same bug at RHEL: https:/ /bugzilla. redhat. com/show_ bug.cgi? id=1908718