On Thu, 4 Sep 2008 10:46:44 +0200, Gabriele Messineo
[EMAIL PROTECTED] wrote:
Hi,
I think you can fix this bug by applying this patch:
--- python/netsnmp/client_intf.c
+++ python/netsnmp/client_intf.c
320c320
snprintf(buf,%ld, buf_len, *var-val.integer);
---
snprintf(buf, buf_len, %ld, *var-val.integer);
The bug has been introduced in the SVN 16962 and it's applied in the
patch:
debian/patches/49_cve2008_2292_python.patch
It's a simple type that cause every walk on integer MIBs to cause a
segfault
from python.
I've verified it is present in the latest experimental package
(5.4.1~dfsg-9)
and in the SVN Trunk of net-snmp (actually 17206).
Hi Gabriele!
Thanks for your quick reply. You are right. Here is a more detailed
backtrace:
#4 0x7fa69711626a in __snprint_value (buf=0x7fffa02df3a0 ,
buf_len=4096, var=0x222af70, tp=0x21bbb80, type=16, flag=0)
at netsnmp/client_intf.c:341
341 snprintf(buf,%ld, buf_len, *var-val.integer);
After applying your patch, the segfault is gone.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
