On Mon, 14 Nov 2005 10:05:43 -0800 Fong wrote:
FT> In snmp_api.c, when (transport->flags & NETSNMP_TRANSPORT_FLAG_STREAM)
FT> is not true, it malloc the memory for rxbuf at line 5289. By the time,
FT> rxbuf doesn't point to isp->packet.
FT> When transport->f_recv fails (return -1), it should free (rxbuf) not
FT> isp->packet, at line 5302.
Ah, I fell into the trap of looking at cvs code, which does exactly what you
suggest (fixed last June, apparently).
So, then the question to coders and the admins is, does this qualify as a DOS,
worth a 5.0.10.3 release? I'd lean towards yes.
--
NOTE: messages sent directly to me, instead of the lists, will be deleted
unless they are requests for paid consulting services.
Robert Story; NET-SNMP Junkie
Support: <http://www.net-snmp.org/> <irc://irc.freenode.net/#net-snmp>
Archive: <http://sourceforge.net/mailarchive/forum.php?forum=net-snmp-coders>
You are lost in a twisty maze of little standards, all different.
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
