]> git.ipfire.org Git - thirdparty/squid.git/commit
projects / thirdparty / squid.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f52d4e9) | patch
snmplib: Improve handling of zero-length ASN OCTET STRINGs (#2163)
authorJoshua Rogers <MegaManSec@users.noreply.github.com>
Sun, 9 Nov 2025 11:49:11 +0000 (11:49 +0000)
committerSquid Anubis <squid-anubis@squid-cache.org>
Sun, 9 Nov 2025 11:49:18 +0000 (11:49 +0000)
commit356525e8bc27935358a72eb4dd4bf01438fde5fc
tree221bc214d706cc88be215c028f2865c4ffb8ef0etree | snapshot
parentf52d4e9cadb4f83282af26c485b16d4251afd379commit | diff
snmplib: Improve handling of zero-length ASN OCTET STRINGs (#2163)

When converting zero-length objects to c-strings and terminating their
values, do not write to c-string storage buffer at offset `-1`.

Also reject 128-byte SNMP community values because our storage buffer
does not allow for their zero-termination. Such values were probably
silently truncated to 127 bytes.

Also reject SNMP community values with ASCII NUL characters because some
of our code does not support such values.
lib/snmplib/snmp_msg.c diff | blob | blame | history
lib/snmplib/snmp_vars.c diff | blob | blame | history
Mirror of https://github.com/squid-cache/squid.git