Author: cem
Date: Wed May 11 16:54:34 2016
New Revision: 299465
URL: https://svnweb.freebsd.org/changeset/base/299465
Log:
bsnmp: Don't overrun privkey buffer by copying wrong size
The 'priv_key' array is SNMP_PRIV_KEY_SIZ bytes, not SNMP_AUTH_KEY_SIZ.
Reported by: Coverity
CIDs: 1008326, 1009675
Sponsored by: EMC / Isilon Storage Division
Modified:
head/contrib/bsnmp/snmp_usm/usm_snmp.c
Modified: head/contrib/bsnmp/snmp_usm/usm_snmp.c
==============================================================================
--- head/contrib/bsnmp/snmp_usm/usm_snmp.c Wed May 11 16:53:56 2016
(r299464)
+++ head/contrib/bsnmp/snmp_usm/usm_snmp.c Wed May 11 16:54:34 2016
(r299465)
@@ -360,7 +360,7 @@ op_usm_users(struct snmp_context *ctx, s
case LEAF_usmUserPrivKeyChange:
case LEAF_usmUserOwnPrivKeyChange:
memcpy(uuser->suser.priv_key, ctx->scratch->ptr1,
- SNMP_AUTH_KEY_SIZ);
+ SNMP_PRIV_KEY_SIZ);
free(ctx->scratch->ptr1);
break;
case LEAF_usmUserPublic:
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
