master

分支 (12)

标签 (5)

管理

管理

master

openEuler-20.03-LTS

openEuler-21.09

openEuler-20.03-LTS-SP2

sync-pr24-openEuler-20.03-LTS-SP1-to-openEuler-20.03-LTS-Next

openEuler-20.03-LTS-SP1

openEuler-20.03-LTS-Next

openEuler-21.03

step1-task

openEuler-20.09

openEuler1.0

openEuler1.0-base

openEuler-20.03-LTS-SP2-20210624

openEuler-21.03-20210330

openEuler-20.09-20200929

openEuler-20.03-LTS-20200606

openEuler-20.03-LTS-tag

net-snmp
/
CVE-2020-15862.patch

From 77f6c60f57dba0aaea5d8ef1dd94bcd0c8e6d205 Mon Sep 17 00:00:00 2001
From: Wes Hardaker <opensource@hardakers.net>
Date: Thu, 23 Jul 2020 16:17:27 -0700
Subject: [PATCH] make the extend mib read-only by default

---
 agent/mibgroup/agent/extend.c | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/agent/mibgroup/agent/extend.c b/agent/mibgroup/agent/extend.c
index 5f8cedc..7bd2314 100644
--- a/agent/mibgroup/agent/extend.c
+++ b/agent/mibgroup/agent/extend.c
@@ -16,6 +16,13 @@
 #define SHELLCOMMAND 3
 #endif

+/*  This mib is potentially dangerous to turn on by default, since it
+ *  allows arbitrary commands to be set by anyone with SNMP WRITE
+ *  access to the MIB table.  If all of your users are "root" level
+ *  users, then it may be safe to turn on. */
+#define ENABLE_EXTEND_WRITE_ACCESS 0
+
+
 netsnmp_feature_require(extract_table_row_data)
 netsnmp_feature_require(table_data_delete_table)
 #ifndef NETSNMP_NO_WRITE_SUPPORT
@@ -742,7 +749,7 @@ handle_nsExtendConfigTable(netsnmp_mib_handler          *handler,
          *
          **********/

-#ifndef NETSNMP_NO_WRITE_SUPPORT
+#if !defined(NETSNMP_NO_WRITE_SUPPORT) && ENABLE_EXTEND_WRITE_ACCESS
         case MODE_SET_RESERVE1:
             /*
              * Validate the new assignments
@@ -1068,7 +1075,7 @@ handle_nsExtendConfigTable(netsnmp_mib_handler          *handler,
                 }
             }
             break;
-#endif /* !NETSNMP_NO_WRITE_SUPPORT */
+#endif /* !NETSNMP_NO_WRITE_SUPPORT and ENABLE_EXTEND_WRITE_ACCESS */

         default:
             netsnmp_set_request_error(reqinfo, request, SNMP_ERR_GENERR);
@@ -1076,7 +1083,7 @@ handle_nsExtendConfigTable(netsnmp_mib_handler          *handler,
         }
     }

-#ifndef NETSNMP_NO_WRITE_SUPPORT
+#if !defined(NETSNMP_NO_WRITE_SUPPORT) && ENABLE_EXTEND_WRITE_ACCESS
     /*
      * If we're marking a given row as active,
      *  then we need to check that it's ready.
@@ -1101,7 +1108,7 @@ handle_nsExtendConfigTable(netsnmp_mib_handler          *handler,
             }
         }
     }
-#endif /* !NETSNMP_NO_WRITE_SUPPORT */
+#endif /* !NETSNMP_NO_WRITE_SUPPORT && ENABLE_EXTEND_WRITE_ACCESS */

     return SNMP_ERR_NOERROR;
 }
@@ -1590,7 +1597,7 @@ fixExec2Error(int action,
     idx = name[name_len-1] -1;
     exten = &compatability_entries[ idx ];

-#ifndef NETSNMP_NO_WRITE_SUPPORT
+#if !defined(NETSNMP_NO_WRITE_SUPPORT) && ENABLE_EXTEND_WRITE_ACCESS
     switch (action) {
     case MODE_SET_RESERVE1:
         if (var_val_type != ASN_INTEGER) {
@@ -1611,7 +1618,7 @@ fixExec2Error(int action,
     case MODE_SET_COMMIT:
         netsnmp_cache_check_and_reload( exten->efix_entry->cache );
     }
-#endif /* !NETSNMP_NO_WRITE_SUPPORT */
+#endif /* !NETSNMP_NO_WRITE_SUPPORT && ENABLE_EXTEND_WRITE_ACCESS */
     return SNMP_ERR_NOERROR;
 }
 #endif /* USING_UCD_SNMP_EXTENSIBLE_MODULE */
--
2.23.0