There's a missing NULL check in appl_response(). This should only happen when a
backend is misbehaving, so I only managed to find this because
I'm actively bashing it right now. This should make us a little more
future-proof. Code further down the path already has similar NULL checks
against this variable.
OK?
martijn@
Index: application.c
===================================================================
RCS file: /cvs/src/usr.sbin/snmpd/application.c,v
retrieving revision 1.1
diff -u -p -r1.1 application.c
--- application.c 19 Jan 2022 10:59:35 -0000 1.1
+++ application.c 20 Jan 2022 21:52:41 -0000
@@ -1056,7 +1056,8 @@ appl_response(struct appl_backend *backe
appl_varbind_error(origvb, error);
origvb->avi_state = APPL_VBSTATE_DONE;
origvb->avi_varbind.av_oid = vb->av_oid;
- if (vb->av_value->be_class == BER_CLASS_CONTEXT &&
+ if (vb->av_value != NULL &&
+ vb->av_value->be_class == BER_CLASS_CONTEXT &&
vb->av_value->be_type == APPL_EXC_ENDOFMIBVIEW) {
nregion = appl_region_next(ureq->aru_ctx,
&(vb->av_oid), origvb->avi_region);
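Review bot: the added `vb->av_value != NULL &&` guard is placed correctly, since `&&` short-circuits before `vb->av_value->be_class` and `vb->av_value->be_type` are read, but when `av_value` is NULL the whole condition is now simply false and control falls into whichever branch follows this `if`, which is outside the hunk; the message says the code further down already checks this variable for NULL, so it would help to confirm in the commit text that the non-endOfMibView path is that code. Consider also a one-line comment above the condition stating that a NULL value here means a misbehaving backend and is deliberately tolerated rather than asserted on, so the intent of the check survives future refactoring.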