Resolves: #1366282 - use strtok_r for strtok to avoid a race condition

This commit is contained in:
Josef Ridky 2016-08-12 13:09:04 +02:00
parent 778f5c09a1
commit d353462c74
2 changed files with 23 additions and 0 deletions

View File

@ -0,0 +1,19 @@
diff -urNp net-snmp-5.7.3/snmplib/snmp_transport.c net-snmp-5.7.3.new/snmplib/snmp_transport.c
--- net-snmp-5.7.3/snmplib/snmp_transport.c 2014-12-08 21:23:22.000000000 +0100
+++ net-snmp-5.7.3.new/snmplib/snmp_transport.c 2016-08-12 13:04:35.438583586 +0200
@@ -594,12 +594,13 @@ netsnmp_tdomain_transport_full(const cha
int commas = 0;
const char *cp = default_domain;
char *dup = strdup(default_domain);
+ char *ptr = NULL;
while (*++cp) if (*cp == ',') commas++;
lspec = calloc(commas+2, sizeof(char *));
commas = 1;
- lspec[0] = strtok(dup, ",");
- while ((lspec[commas++] = strtok(NULL, ",")))
+ lspec[0] = strtok_r(dup, ",", &ptr);
+ while ((lspec[commas++] = strtok_r(NULL, ",", &ptr)))
;
spec = (const char * const *)lspec;
}

View File

@ -49,6 +49,8 @@ Patch14: net-snmp-5.7.3-Remove-U64-typedef.patch
# Fixed Makefile.PL to build against Perl 5.24 # Fixed Makefile.PL to build against Perl 5.24
# For more info: https://rt.perl.org/Public/Bug/Display.html?id=125907 # For more info: https://rt.perl.org/Public/Bug/Display.html?id=125907
Patch15: net-snmp-5.7.3-Fix-Makefile-PL.patch Patch15: net-snmp-5.7.3-Fix-Makefile-PL.patch
# Use strtok_r for strtok to avoid a race condition
Patch16: net-snmp-5.7.3-strtok-r.patch
Requires(post): chkconfig Requires(post): chkconfig
Requires(preun): chkconfig Requires(preun): chkconfig
@ -221,6 +223,7 @@ cp %{SOURCE12} .
%patch13 -p1 -b .cflags %patch13 -p1 -b .cflags
%patch14 -p1 -b .U64 %patch14 -p1 -b .U64
%patch15 -p1 -b .make %patch15 -p1 -b .make
%patch16 -p1 -b .strtok-r
%ifarch sparc64 s390 s390x %ifarch sparc64 s390 s390x
# disable failing test - see https://bugzilla.redhat.com/show_bug.cgi?id=680697 # disable failing test - see https://bugzilla.redhat.com/show_bug.cgi?id=680697
@ -530,6 +533,7 @@ rm -rf ${RPM_BUILD_ROOT}
%changelog %changelog
* Fri Aug 12 2016 Josef Ridky <jridky@redhat.com> - 1:5.7.3-13 * Fri Aug 12 2016 Josef Ridky <jridky@redhat.com> - 1:5.7.3-13
- net-snmp.redhat.conf: update default configuration to conform to the best practices (#1359123) - net-snmp.redhat.conf: update default configuration to conform to the best practices (#1359123)
- nmp_transport.c: use strtok_r for strtok to avoid a race condition (#1366282)
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:5.7.3-12 * Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:5.7.3-12
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages - https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages