svn commit: r299465 - head/contrib/bsnmp/snmp_usm
Conrad E. Meyer
cem at FreeBSD.org
Wed May 11 16:54:36 UTC 2016
Author: cem
Date: Wed May 11 16:54:34 2016
New Revision: 299465
URL: https://svnweb.freebsd.org/changeset/base/299465
Log:
bsnmp: Don't overrun privkey buffer by copying wrong size
The 'priv_key' array is SNMP_PRIV_KEY_SIZ bytes, not SNMP_AUTH_KEY_SIZ.
Reported by: Coverity
CIDs: 1008326, 1009675
Sponsored by: EMC / Isilon Storage Division
Modified:
head/contrib/bsnmp/snmp_usm/usm_snmp.c
Modified: head/contrib/bsnmp/snmp_usm/usm_snmp.c
==============================================================================
--- head/contrib/bsnmp/snmp_usm/usm_snmp.c Wed May 11 16:53:56 2016 (r299464)
+++ head/contrib/bsnmp/snmp_usm/usm_snmp.c Wed May 11 16:54:34 2016 (r299465)
@@ -360,7 +360,7 @@ op_usm_users(struct snmp_context *ctx, s
case LEAF_usmUserPrivKeyChange:
case LEAF_usmUserOwnPrivKeyChange:
memcpy(uuser->suser.priv_key, ctx->scratch->ptr1,
- SNMP_AUTH_KEY_SIZ);
+ SNMP_PRIV_KEY_SIZ);
free(ctx->scratch->ptr1);
break;
case LEAF_usmUserPublic:
More information about the svn-src-head
mailing list