Blame SOURCES/net-snmp-5.8-fix-cert-crash.patch

db9c9a
diff -urNp a/snmplib/snmp_openssl.c b/snmplib/snmp_openssl.c
db9c9a
--- a/snmplib/snmp_openssl.c	2021-06-09 12:38:23.196037329 +0200
db9c9a
+++ b/snmplib/snmp_openssl.c	2021-06-09 12:44:11.782503048 +0200
db9c9a
@@ -284,31 +284,30 @@ _cert_get_extension(X509_EXTENSION  *oex
db9c9a
     }
db9c9a
     if (X509V3_EXT_print(bio, oext, 0, 0) != 1) {
db9c9a
         snmp_log(LOG_ERR, "could not print extension!\n");
db9c9a
-        BIO_vfree(bio);
db9c9a
-        return NULL;
db9c9a
+        goto out;
db9c9a
     }
db9c9a
 
db9c9a
     space = BIO_get_mem_data(bio, &data);
db9c9a
     if (buf && *buf) {
db9c9a
-        if (*len < space) 
db9c9a
-            buf_ptr = NULL;
db9c9a
-        else
db9c9a
-            buf_ptr = *buf;
db9c9a
+        if (*len < space +1) {
db9c9a
+            snmp_log(LOG_ERR, "not enough buffer space to print extension\n"); 
db9c9a
+            goto out;
db9c9a
+        }
db9c9a
+        buf_ptr = *buf;    
db9c9a
+    } else {
db9c9a
+        buf_ptr = calloc(1, space + 1);
db9c9a
     }
db9c9a
-    else
db9c9a
-        buf_ptr = calloc(1,space + 1);
db9c9a
     
db9c9a
     if (!buf_ptr) {
db9c9a
-        snmp_log(LOG_ERR,
db9c9a
-                 "not enough space or error in allocation for extenstion\n");
db9c9a
-        BIO_vfree(bio);
db9c9a
-        return NULL;
db9c9a
+        snmp_log(LOG_ERR, "error in allocation for extenstion\n");
db9c9a
+        goto out;
db9c9a
     }
db9c9a
     memcpy(buf_ptr, data, space);
db9c9a
     buf_ptr[space] = 0;
db9c9a
     if (len)
db9c9a
         *len = space;
db9c9a
 
db9c9a
+out:
db9c9a
     BIO_vfree(bio);
db9c9a
 
db9c9a
     return buf_ptr;
db9c9a
@@ -479,7 +478,7 @@ netsnmp_openssl_cert_dump_extensions(X50
db9c9a
 {
db9c9a
     X509_EXTENSION  *extension;
db9c9a
     const char      *extension_name;
db9c9a
-    char             buf[SNMP_MAXBUF_SMALL], *buf_ptr = buf, *str, *lf;
db9c9a
+    char             buf[SNMP_MAXBUF], *buf_ptr = buf, *str, *lf;
db9c9a
     int              i, num_extensions, buf_len, nid;
db9c9a
 
db9c9a
     if (NULL == ocert)
db9c9a
@@ -499,6 +498,11 @@ netsnmp_openssl_cert_dump_extensions(X50
db9c9a
         extension_name = OBJ_nid2sn(nid);
db9c9a
         buf_len = sizeof(buf);
db9c9a
         str = _cert_get_extension_str_at(ocert, i, &buf_ptr, &buf_len, 0);
db9c9a
+        if (!str) {
db9c9a
+            DEBUGMSGT(("9:cert:dump", "    %2d: %s\n", i,
db9c9a
+                        extension_name));
db9c9a
+            continue;
db9c9a
+        }
db9c9a
         lf = strchr(str, '\n'); /* look for multiline strings */
db9c9a
         if (NULL != lf)
db9c9a
             *lf = '\0'; /* only log first line of multiline here */