php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #14679 Crash with RH ucd-snmp libs -- BUGFIX
Submitted: 2001-12-23 21:18 UTC Modified: 2002-01-27 05:19 UTC
From: hps at intermeta dot de Assigned:
Status: No Feedback Package: Reproducible crash
PHP Version: 4.0CVS-2001-12-23 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: hps at intermeta dot de
New email:
PHP Version: OS:

 

 [2001-12-23 21:18 UTC] hps at intermeta dot de 
hi,

this is the fix for the snmp crash with recent red hat 
libraries. Compile fix is to check for binit() in libsnmp
and if yes, use the following calls. Addition of binit()
check in configure.in is left as an exercise for the 
reader. ;-)


--- php-4.1.0/ext/snmp/snmp.c   Mon Dec 24 03:11:23 2001
+++ /tmp/snmp.c Mon Dec 24 03:10:55 2001
@@ -158,8 +158,9 @@
     int name_length;
     int status, count,rootlen=0,gotroot=0;
        oid root[MAX_NAME_LEN];
-       char buf[2048];
-       char buf2[2048];
+#define BUFSIZE 2048
+       char buf[BUFSIZE];
+       char buf2[BUFSIZE];
        int keepwalking=1;
        long timeout=SNMP_DEFAULT_TIMEOUT;
        long retries=SNMP_DEFAULT_RETRIES;
@@ -315,7 +316,7 @@
                                        }
 
                                        if (st != 11) {
-                                               sprint_value(buf,vars->name, vars->name_length, vars);
+                                               sprint_value(binit(NULL, buf, BUFSIZE) ,vars->name, vars->name_length, vars);
                                        }
 #if 0
                                        Debug("snmp response is: %s\n",buf);
@@ -325,7 +326,7 @@
                                        } else if (st == 2) {
                                                add_next_index_string(return_value,buf,1); /* Add to returned array */
                                        } else if (st == 3)  {
-                                               sprint_objid(buf2, vars->name, vars->name_length);
+                                               sprint_objid(binit(NULL, buf2, BUFSIZE), vars->name, vars->name_length);
                                                add_assoc_string(return_value,buf2,buf,1);
                                        }
                                        if (st >= 2 && st != 11) {
@@ -344,7 +345,7 @@
                                                for (count=1, vars = response->variables; vars && count != response->errindex;
                                                vars = vars->next_variable, count++);
                                                if (vars) {
-                                                       sprint_objid(buf,vars->name, vars->name_length);
+                                                       sprint_objid(binit(NULL, buf, BUFSIZE), vars->name, vars->name_length);
                                                }
                                                php_error(E_WARNING,"This name does not exist: %s\n",buf);
                                        }

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-12-24 03:17 UTC] mfischer@php.net 
Please send the patch as attachment as a reply to this mail (line ending got fscked up). Also, next time please don't open a new report.
 [2002-01-06 07:46 UTC] sander@php.net 
Has this patch been applied?
If not, can you send to patch to mfisher@php.net?
(btw: this patch is for bug #14462
 [2002-01-27 05:19 UTC] sander@php.net 
No feedback.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 26 07:01:32 2024 UTC