Ubuntu
logilab-common package

net-snmp SIGSEGV: not enough space or error in allocation for extenstion

Bug #1908995 reported by Graham Leggett
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
logilab-common (Ubuntu)
New
Undecided
Unassigned

Bug Description

When a certificate contains an extension that when printed becomes longer than 512 bytes (for example certificate transparency as used in modern certs) net-snmp crashes on startup with a SIGSEGV.

The following patches fix the problem by:

- Increasing the buffer size from 512 to 4096 bytes when dumping cert extensions.

- Checking for NULL before attempting a strchr, fixing the crash.

Bug report with fix at https://github.com/net-snmp/net-snmp/issues/233.

Individual patches:

https://github.com/net-snmp/net-snmp/commit/9d001c34196df47526260441af35a509a325e41f.diff
https://github.com/net-snmp/net-snmp/commit/4c5d2ceae4d4a8b77db48fc8fff77e14943ff4d3.diff
https://github.com/net-snmp/net-snmp/commit/bb30f8ee0075750fd3648a6bf3fab543f46152ed.diff
https://github.com/net-snmp/net-snmp/commit/969226ea501b92e1a2ed427bc1a46f18ef2890b7.diff

Revision history for this message
Graham Leggett (minfrin-y) wrote :

Same bug at RHEL: https://bugzilla.redhat.com/show_bug.cgi?id=1908718

Revision history for this message
Graham Leggett (minfrin-y) wrote :

This bug is a duplicate of: https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1912389

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.