|
|
dbd30b |
diff -urNp a/snmplib/snmp_api.c b/snmplib/snmp_api.c
|
|
|
dbd30b |
--- a/snmplib/snmp_api.c 2020-09-29 14:08:09.821479662 +0200
|
|
|
dbd30b |
+++ b/snmplib/snmp_api.c 2020-10-01 10:15:46.607374362 +0200
|
|
|
dbd30b |
@@ -2731,7 +2731,7 @@ snmpv3_packet_build(netsnmp_session * se
|
|
|
dbd30b |
/*
|
|
|
dbd30b |
* build a scopedPDU structure into spdu_buf
|
|
|
dbd30b |
*/
|
|
|
dbd30b |
- spdu_buf_len = SNMP_MAX_MSG_SIZE;
|
|
|
dbd30b |
+ spdu_buf_len = sizeof(spdu_buf);
|
|
|
dbd30b |
DEBUGDUMPSECTION("send", "ScopedPdu");
|
|
|
dbd30b |
cp = snmpv3_scopedPDU_header_build(pdu, spdu_buf, &spdu_buf_len,
|
|
|
dbd30b |
&spdu_hdr_e);
|
|
|
dbd30b |
@@ -2743,6 +2743,11 @@ snmpv3_packet_build(netsnmp_session * se
|
|
|
dbd30b |
*/
|
|
|
dbd30b |
DEBUGPRINTPDUTYPE("send", ((pdu_data) ? *pdu_data : 0x00));
|
|
|
dbd30b |
if (pdu_data) {
|
|
|
dbd30b |
+ if (cp + pdu_data_len > spdu_buf + sizeof(spdu_buf)) {
|
|
|
dbd30b |
+ snmp_log(LOG_ERR, "%s: PDU too big (%" NETSNMP_PRIz "d > %" NETSNMP_PRIz "d)\n",
|
|
|
dbd30b |
+ __func__, pdu_data_len, sizeof(spdu_buf));
|
|
|
dbd30b |
+ return -1;
|
|
|
dbd30b |
+ }
|
|
|
dbd30b |
memcpy(cp, pdu_data, pdu_data_len);
|
|
|
dbd30b |
cp += pdu_data_len;
|
|
|
dbd30b |
} else {
|
|
|
dbd30b |
@@ -2756,7 +2761,7 @@ snmpv3_packet_build(netsnmp_session * se
|
|
|
dbd30b |
* re-encode the actual ASN.1 length of the scopedPdu
|
|
|
dbd30b |
*/
|
|
|
dbd30b |
spdu_len = cp - spdu_hdr_e; /* length of scopedPdu minus ASN.1 headers */
|
|
|
dbd30b |
- spdu_buf_len = SNMP_MAX_MSG_SIZE;
|
|
|
dbd30b |
+ spdu_buf_len = sizeof(spdu_buf);
|
|
|
dbd30b |
if (asn_build_sequence(spdu_buf, &spdu_buf_len,
|
|
|
dbd30b |
(u_char) (ASN_SEQUENCE | ASN_CONSTRUCTOR),
|
|
|
dbd30b |
spdu_len) == NULL)
|
|
|
dbd30b |
@@ -2769,7 +2774,7 @@ snmpv3_packet_build(netsnmp_session * se
|
|
|
dbd30b |
* message - the entire message to transmitted on the wire is returned
|
|
|
dbd30b |
*/
|
|
|
dbd30b |
cp = NULL;
|
|
|
dbd30b |
- *out_length = SNMP_MAX_MSG_SIZE;
|
|
|
dbd30b |
+ *out_length = sizeof(spdu_buf);
|
|
|
dbd30b |
DEBUGDUMPSECTION("send", "SM msgSecurityParameters");
|
|
|
dbd30b |
sptr = find_sec_mod(pdu->securityModel);
|
|
|
dbd30b |
if (sptr && sptr->encode_forward) {
|
|
|
dbd30b |
|
|
|
dbd30b |
diff -urNp a/include/net-snmp/library/default_store.h b/include/net-snmp/library/default_store.h
|
|
|
dbd30b |
--- a/include/net-snmp/library/default_store.h 2022-03-07 10:50:12.425997555 +0100
|
|
|
dbd30b |
+++ b/include/net-snmp/library/default_store.h 2022-03-07 12:51:07.968771327 +0100
|
|
|
dbd30b |
@@ -96,7 +96,7 @@ extern "C" {
|
|
|
dbd30b |
#define NETSNMP_DS_LIB_DNSSEC_WARN_ONLY 41 /* tread DNSSEC errors as warnings */
|
|
|
dbd30b |
#define NETSNMP_DS_LIB_CLIENT_ADDR_USES_PORT 42 /* NETSNMP_DS_LIB_CLIENT_ADDR includes address and also port */
|
|
|
dbd30b |
#define NETSNMP_DS_LIB_MAX_BOOL_ID 48 /* match NETSNMP_DS_MAX_SUBIDS */
|
|
|
dbd30b |
-
|
|
|
dbd30b |
+#define NETSNMP_DS_LIB_MSG_SEND_MAX 16
|
|
|
dbd30b |
/*
|
|
|
dbd30b |
* library integers
|
|
|
dbd30b |
*/
|
|
|
dbd30b |
diff -urNp a/include/net-snmp/library/snmp.h b/include/net-snmp/library/snmp.h
|
|
|
dbd30b |
--- a/include/net-snmp/library/snmp.h 2012-10-10 00:28:58.000000000 +0200
|
|
|
dbd30b |
+++ b/include/net-snmp/library/snmp.h 2022-03-07 11:27:16.462066135 +0100
|
|
|
dbd30b |
@@ -40,6 +40,7 @@ SOFTWARE.
|
|
|
dbd30b |
|
|
|
dbd30b |
#define SNMP_MAX_LEN 1500 /* typical maximum message size */
|
|
|
dbd30b |
#define SNMP_MIN_MAX_LEN 484 /* minimum maximum message size */
|
|
|
dbd30b |
+#define SNMP_MAX_PACKET_LEN (0x7fffffff)
|
|
|
dbd30b |
|
|
|
dbd30b |
/*
|
|
|
dbd30b |
* SNMP versions
|
|
|
dbd30b |
diff -urNp a/snmplib/snmp_api.c b/snmplib/snmp_api.c
|
|
|
dbd30b |
--- a/snmplib/snmp_api.c 2022-03-07 10:50:12.533998393 +0100
|
|
|
dbd30b |
+++ b/snmplib/snmp_api.c 2022-03-07 11:18:17.857183065 +0100
|
|
|
dbd30b |
@@ -309,6 +309,24 @@ static const char *secLevelName[] = {
|
|
|
dbd30b |
};
|
|
|
dbd30b |
|
|
|
dbd30b |
/*
|
|
|
dbd30b |
+ * return configured max message size for outgoing packets
|
|
|
dbd30b |
+ */
|
|
|
dbd30b |
+int
|
|
|
dbd30b |
+netsnmp_max_send_msg_size(void)
|
|
|
dbd30b |
+{
|
|
|
dbd30b |
+ u_int max = netsnmp_ds_get_int(NETSNMP_DS_LIBRARY_ID,
|
|
|
dbd30b |
+ NETSNMP_DS_LIB_MSG_SEND_MAX);
|
|
|
dbd30b |
+ if (0 == max)
|
|
|
dbd30b |
+ max = SNMP_MAX_PACKET_LEN;
|
|
|
dbd30b |
+ else if (max < SNMP_MIN_MAX_LEN)
|
|
|
dbd30b |
+ max = SNMP_MIN_MAX_LEN; /* minimum max size per SNMP specs */
|
|
|
dbd30b |
+ else if (max > SNMP_MAX_PACKET_LEN)
|
|
|
dbd30b |
+ max = SNMP_MAX_PACKET_LEN;
|
|
|
dbd30b |
+
|
|
|
dbd30b |
+ return max;
|
|
|
dbd30b |
+}
|
|
|
dbd30b |
+
|
|
|
dbd30b |
+/*
|
|
|
dbd30b |
* Multiple threads may changes these variables.
|
|
|
dbd30b |
* Suggest using the Single API, which does not use Sessions.
|
|
|
dbd30b |
*
|
|
|
dbd30b |
@@ -737,7 +755,7 @@ snmp_sess_init(netsnmp_session * session
|
|
|
dbd30b |
session->retries = SNMP_DEFAULT_RETRIES;
|
|
|
dbd30b |
session->version = SNMP_DEFAULT_VERSION;
|
|
|
dbd30b |
session->securityModel = SNMP_DEFAULT_SECMODEL;
|
|
|
dbd30b |
- session->rcvMsgMaxSize = SNMP_MAX_MSG_SIZE;
|
|
|
dbd30b |
+ session->rcvMsgMaxSize = netsnmp_max_send_msg_size();
|
|
|
dbd30b |
session->flags |= SNMP_FLAGS_DONT_PROBE;
|
|
|
dbd30b |
}
|
|
|
dbd30b |
|