net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

--- a/lib/smi.c
+++ b/lib/smi.c
@@ -1793,10 +1793,15 @@
     }
 
     if (isdigit((int)node2[0])) {
-	for (oidlen = 0, p = strtok(node2, ". "); p;
+	for (oidlen = 0, p = strtok(node2, ". ");
+	     p && oidlen < sizeof(oid)/sizeof(oid[0]);
 	     oidlen++, p = strtok(NULL, ". ")) {
 	    oid[oidlen] = strtoul(p, NULL, 0);
 	}
+	if (p) {
+	    /* the numeric OID is too long */
+	    return NULL;
+	}
 	nodePtr = getNode(oidlen, oid);
 	if (nodePtr) {
 	    if (modulePtr) {