openbsd/ports
1
0
Fork 0
mirror of https://github.com/openbsd/ports.git synced 2026-06-17 23:13:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

cherrypick a couple of upstream commits

Browse Source
This commit is contained in:
sthen
2026-01-20 13:25:38 +00:00
parent 14902489d9
commit 5a6f3fddc5
3 changed files with 74 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/net-snmp/Makefile
+1
View File
@@ -2,6 +2,7 @@ COMMENT-main= extendable SNMP implementation
COMMENT-tkmib= graphical SNMP MIB browser
V= 5.9.5.2
REVISION-main= 0
DISTNAME= net-snmp-${V:S/pre/.pre/}
MULTI_PACKAGES= -main -tkmib
PKGNAME-main= net-snmp-$V
net/net-snmp/patches/patch-net-snmp-config_in
+53
View File
@@ -0,0 +1,53 @@
From ffb86569d3bd5f3d5727b1d7562a26d9774ba1ce Mon Sep 17 00:00:00 2001
From: Bart Van Assche <bvanassche@acm.org>
Date: Mon, 5 Jan 2026 03:32:18 -0800
Subject: [PATCH] net-snmp-config.in: Filter compiler flags
Index: net-snmp-config.in
--- net-snmp-config.in.orig
+++ net-snmp-config.in
@@ -27,6 +27,22 @@ check_build_dir()
fi
}
+filter_cflags()
+{
+ read -r all_cflags
+ for cflag in ${all_cflags}; do
+ case "$cflag" in
+ -fsanitize*)
+ echo -n "$cflag ";;
+ -f*|-g*|-O*|-pipe|-W*|-I.)
+ ;;
+ *)
+ echo -n "$cflag ";;
+ esac
+ done
+ echo
+}
+
# usage: index n arguments
# effect: returns the (n+1)th argument
index()
@@ -143,10 +159,10 @@ else
;;
#################################################### compile
--base-cflags)
- echo @CFLAGS@ @CPPFLAGS@ -I${NSC_INCLUDEDIR}
+ echo @CFLAGS@ @CPPFLAGS@ -I${NSC_INCLUDEDIR} | filter_cflags
;;
--cflags|--cf*)
- echo @CFLAGS@ @DEVFLAGS@ @CPPFLAGS@ -I. -I${NSC_INCLUDEDIR}
+ echo @CFLAGS@ @DEVFLAGS@ @CPPFLAGS@ -I. -I${NSC_INCLUDEDIR} | filter_cflags
;;
--srcdir)
echo $NSC_SRCDIR
@@ -188,7 +204,7 @@ else
echo $result
;;
--build-command)
- echo "@CC@ @CFLAGS@ @DEVFLAGS@ @CPPFLAGS@"
+ echo "@CC@ @CFLAGS@ @DEVFLAGS@ @CPPFLAGS@" | filter_cflags
;;
#################################################### client lib
--libs)
net/net-snmp/patches/patch-snmplib_snmptsm_c
+20
View File
@@ -0,0 +1,20 @@
From 1d9f04ad83ca5b0140b35bb6995637c6fc6d39b7 Mon Sep 17 00:00:00 2001
From: Bart Van Assche <bvanassche@acm.org>
Date: Tue, 6 Jan 2026 06:45:19 -0700
Subject: [PATCH] libsnmp: Fix a stack buffer overflow
Do not read past the end of the stack array ourEngineID.
Index: snmplib/snmptsm.c
--- snmplib/snmptsm.c.orig
+++ snmplib/snmptsm.c
@@ -416,7 +416,8 @@ tsm_process_in_msg(struct snmp_secmod_incoming_params
ourEngineID_len =
snmpv3_get_engineID((u_char*) ourEngineID, ourEngineID_len);
netsnmp_assert_or_return(ourEngineID_len != 0 &&
- ourEngineID_len <= *parms->secEngineIDLen,
+ ourEngineID_len <= *parms->secEngineIDLen &&
+ *parms->secEngineIDLen <= sizeof(ourEngineID),
SNMPERR_GENERR);
memcpy(parms->secEngineID, ourEngineID, *parms->secEngineIDLen);