[erlang-patches] SNMPD: bugfix to snmp_generic:split_index_to_keys/2

Fri Jul 20 10:25:22 CEST 2012

Dear all,

I've not heard any comment on the patch below. Anyone interested???

Kind regards,

Stefan.

Am Mittwoch, den 04.07.2012, 16:42 +0200 schrieb Stefan Zegenhagen:
> Dear all,
> 
> this mail contains a patch that solves a problem with the indicated
> function. For dynamically-sized table indices it wasn't checking whether
> the length of the index value matches all constraints specified in the
> MIB.
> 
> Kind regards,
> 
> --- snip ---
> 
> From 12c80f51879da4d36019cf736c1009e5bc09b908 Mon Sep 17 00:00:00 2001
> From: Stefan Zegenhagen <stefan.zegenhagen@REDACTED>
> Date: Wed, 4 Jul 2012 14:10:00 +0200
> Subject: [PATCH 1/2] fix snmp_generic:split_index_to_keys/2
> 
> The function snmp_generic:split_index_to_keys/2 handles dynamic length
> RowIndex members, but fails to check that their length actually falls
> within the constraints given by the MIB.
> 
> The problem becomes real for table indices having an 'OCTET STRING'
> syntax, e.g. OCTET STRING(1..32) where it is possible to pass
> zero-length strings or strings longer than 32 chars without any
> validation failure.
> ---
>  lib/snmp/src/agent/snmp_generic.erl |   20 ++++++++++++++++----
>  1 file changed, 16 insertions(+), 4 deletions(-)
> 
> diff --git a/lib/snmp/src/agent/snmp_generic.erl b/lib/snmp/src/agent/snmp_generic.erl
> index 06afa68..0dd1f8b 100644
> --- a/lib/snmp/src/agent/snmp_generic.erl
> +++ b/lib/snmp/src/agent/snmp_generic.erl
> @@ -640,11 +640,12 @@ collect_keys([#asn1_type{lo = X, hi = X} | _Indexes], Keys)
>  %% Otherwise, its a dynamic-length type => its a list
>  %% OBJECT IDENTIFIER, OCTET STRING or BITS (or derivatives)
>  %% Check if it is IMPLIED (only last element can be IMPLIED)
> -collect_keys([#asn1_type{implied = true}], Keys) ->
> -    [Keys];
> -collect_keys([_Type | Indexes], [Length | Keys]) when length(Keys) >= Length ->
> +%% and also check lo/hi constraints...
> +collect_keys([#asn1_type{implied = true} = Type], Keys) ->
> +    [collect_check_length(Type, Keys)];
> +collect_keys([Type | Indexes], [Length | Keys]) when length(Keys) >= Length ->
>      {StrKey, Rest} = collect_length(Length, Keys, []),
> -    [StrKey | collect_keys(Indexes, Rest)];
> +    [collect_check_length(Type, StrKey) | collect_keys(Indexes, Rest)];
>  collect_keys([_Type | _Indexes], [Length | Keys]) ->
>      exit({error, {size_mismatch, Length, Keys}});
>  collect_keys([], []) -> [];
> @@ -657,6 +658,17 @@ collect_length(0, Rest, Rts) ->
>  collect_length(N, [El | Rest], Rts) ->
>      collect_length(N-1, Rest, [El | Rts]).
>  
> +collect_check_length(#asn1_type{lo = Lo, hi = Hi}, ListVal) ->
> +    Length = length(ListVal),
> +    if
> +        is_integer(Lo) andalso Length < Lo ->
> +            exit({error, {size_mismatch, Lo, ListVal}});
> +        is_integer(Hi) andalso Length > Hi ->
> +            exit({error, {size_mismatch, Hi, ListVal}});
> +        true ->
> +            ListVal
> +    end.
> +
>  %%------------------------------------------------------------------
>  %% Checks if a certain row exists.
>  %% Returns true or false.
> -- 
> 1.7.9.5
> 
> 

-- 
Dr. Stefan Zegenhagen

arcutronix GmbH
Garbsener Landstr. 10
30419 Hannover
Germany

Tel:   +49 511 277-2734
Fax:   +49 511 277-2709
Email: stefan.zegenhagen@REDACTED
Web:   www.arcutronix.com

*Synchronize the Ethernet*

General Managers: Dipl. Ing. Juergen Schroeder, Dr. Josef Gfrerer -
Legal Form: GmbH, Registered office: Hannover, HRB 202442, Amtsgericht
Hannover; Ust-Id: DE257551767.

Please consider the environment before printing this message.