new file mode 100644

@@ -0,0 +1,121 @@

+--- a/snmplib/snmp_api.c

+@@ -4350,10 +4350,9 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char * data, size_t * length)

+     u_char          type;

+     u_char          msg_type;

+     u_char         *var_val;

+-    int             badtype = 0;

+     size_t          len;

+     size_t          four;

+-    netsnmp_variable_list *vp = NULL;

++    netsnmp_variable_list *vp = NULL, *vplast = NULL;

+     oid             objid[MAX_OID_LEN];

+     u_char         *p;

+ 

+@@ -4493,40 +4681,26 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char * data, size_t * length)

+                               (ASN_SEQUENCE | ASN_CONSTRUCTOR),

+                               "varbinds");

+     if (data == NULL)

+-        return -1;

++        goto fail;

+ 

+     /*

+      * get each varBind sequence 

+      */

+     while ((int) *length > 0) {

+-        netsnmp_variable_list *vptemp;

+-        vptemp = (netsnmp_variable_list *) malloc(sizeof(*vptemp));

+-        if (NULL == vptemp) {

+-            return -1;

+-        }

+-        if (NULL == vp) {

+-            pdu->variables = vptemp;

+-        } else {

+-            vp->next_variable = vptemp;

+-        }

+-        vp = vptemp;

++        vp = SNMP_MALLOC_TYPEDEF(netsnmp_variable_list);

++        if (NULL == vp)

++            goto fail;

+ 

+-        vp->next_variable = NULL;

+-        vp->val.string = NULL;

+         vp->name_length = MAX_OID_LEN;

+-        vp->name = NULL;

+-        vp->index = 0;

+-        vp->data = NULL;

+-        vp->dataFreeHook = NULL;

+         DEBUGDUMPSECTION("recv", "VarBind");

+         data = snmp_parse_var_op(data, objid, &vp->name_length, &vp->type,

+                                  &vp->val_len, &var_val, length);

+         if (data == NULL)

+-            return -1;

++            goto fail;

+         if (snmp_set_var_objid(vp, objid, vp->name_length))

+-            return -1;

++            goto fail;

+ 

+         len = MAX_PACKET_LENGTH;

+         DEBUGDUMPHEADER("recv", "Value");

+         switch ((short) vp->type) {

+         case ASN_INTEGER:

+@@ -4533,7 +4533,7 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char * data, size_t * length)

+                 vp->val.string = (u_char *) malloc(vp->val_len);

+             }

+             if (vp->val.string == NULL) {

+-                return -1;

++                goto fail;

+             }

+             p = asn_parse_string(var_val, &len, &vp->type, vp->val.string,

+                              &vp->val_len);

+@@ -4541,7 +4526,7 @@

+             vp->val_len *= sizeof(oid);

+             vp->val.objid = (oid *) malloc(vp->val_len);

+             if (vp->val.objid == NULL) {

+-                return -1;

++                goto fail;

+             }

+             memmove(vp->val.objid, objid, vp->val_len);

+             break;

+@@ -4631,21 +4631,37 @@ snmp_pdu_parse(netsnmp_pdu *pdu, u_char * data, size_t * length)

+         case ASN_BIT_STR:

+             vp->val.bitstring = (u_char *) malloc(vp->val_len);

+             if (vp->val.bitstring == NULL) {

+-                return -1;

++                goto fail;

+             }

+             p = asn_parse_bitstring(var_val, &len, &vp->type,

+                                 vp->val.bitstring, &vp->val_len);

+             if (!p)

+-                return -1;

++                goto fail;

+             break;

+         default:

+             snmp_log(LOG_ERR, "bad type returned (%x)\n", vp->type);

+-            badtype = -1;

++            goto fail;

+             break;

+         }

+         DEBUGINDENTADD(-4);

++

++        if (NULL == vplast) {

++            pdu->variables = vp;

++        } else {

++            vplast->next_variable = vp;

++        }

++        vplast = vp;

++        vp = NULL;

+     }

+-    return badtype;

++    return 0;

++

++  fail:

++    DEBUGMSGTL(("recv", "error while parsing VarBindList\n"));

++    /** if we were parsing a var, remove it from the pdu and free it */

++    if (vp)

++        snmp_free_var(vp);

++

++    return -1;

+ }

+ 

+ /*

@@ -1,22 +1,23 @@

 %global __requires_exclude perl\\(.*\\)

-Summary:	Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6. 

-Name:		net-snmp   

-Version:	5.7.3

-Release:	7%{?dist}

-License:	BSD (like)  

-URL:		http://net-snmp.sourceforge.net/

-Group:		Productivity/Networking/Other

-Vendor:		VMware, Inc.

-Distribution:	Photon

-Source0:	http://sourceforge.net/projects/%{name}/files/%{name}/%{version}/%{name}-%{version}.tar.gz

+Summary:        Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6.

+Name:           net-snmp

+Version:        5.7.3

+Release:        8%{?dist}

+License:        BSD (like)

+URL:            http://net-snmp.sourceforge.net/

+Group:          Productivity/Networking/Other

+Vendor:         VMware, Inc.

+Distribution:   Photon

+Source0:        http://sourceforge.net/projects/%{name}/files/%{name}/%{version}/%{name}-%{version}.tar.gz

 %define sha1 net-snmp=97dc25077257680815de44e34128d365c76bd839

-Source1:	snmpd.service

-Source2:	snmptrapd.service

-Patch1: 	net-snmp-5.7.2-systemd.patch

+Source1:        snmpd.service

+Source2:        snmptrapd.service

+Patch1:         net-snmp-5.7.2-systemd.patch

 Patch2:         net-snmp-remove-u64-typedef.patch

 Patch3:         net-snmp-fix-perl-module-compilation.patch

-BuildRequires:	openssl-devel perl systemd

-Requires:	perl systemd

+Patch4:         net-snmp-CVE-2018-1000116.patch

+BuildRequires:  openssl-devel perl systemd

+Requires:       perl systemd

 %description

  Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6.

@@ -33,22 +34,23 @@ The net-snmp-devel package contains headers and libraries for building SNMP appl

 %patch1 -p1

 %patch2 -p1

 %patch3 -p1

+%patch4 -p1

 %build

 ./configure --prefix=%{_prefix} \

-		--host=ia64-linux \

-		--build=i686 \

-		--target=ia64-linux \

-		--sbindir=/sbin \

-		--with-sys-location="unknown" \

-		--with-logfile=/var/log/net-snmpd.log \

-		--with-persistent-directory=/var/lib/net-snmp \

-		--with-sys-contact="root@localhost" \

-		--with-defaults \

-		--with-systemd \

-		--disable-static \

-		--with-x=no \

-		--enable-as-needed

+                --host=ia64-linux \

+                --build=i686 \

+                --target=ia64-linux \

+                --sbindir=/sbin \

+                --with-sys-location="unknown" \

+                --with-logfile=/var/log/net-snmpd.log \

+                --with-persistent-directory=/var/lib/net-snmp \

+                --with-sys-contact="root@localhost" \

+                --with-defaults \

+                --with-systemd \

+                --disable-static \

+                --with-x=no \

+                --enable-as-needed

 make

 %install

@@ -96,17 +98,19 @@ rm -rf %{buildroot}/*

 %exclude /usr/lib/perl5/5.22.1/x86_64-linux-thread-multi/perllocal.pod

 %changelog

-*	Mon Jul 24 2017 Dheeraj Shetty <dheerajs@vmware.com> 5.7.3-7

--	Make service file a different source

-*	Tue Apr 04 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 5.7.3-6

--	Patch to remove U64 typedef

-*       Mon Oct 04 2016 ChangLee <changLee@vmware.com> 5.7.3-5

--       Modified %check

-*       Thu May 26 2016 Harish Udaiya Kumar <hudaiyakumar@vmware.com> 5.7.3-4

--	Excluded the perllocal.pod log.

-*	Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 5.7.3-3

--	GA - Bump release of all rpms

-*	Wed May 04 2016 Nick Shi <nshi@vmware.com> 5.7.3-2

--	Add snmpd and snmptrapd to systemd service.

-*	Mon Nov 30 2015 Harish Udaiya Kumar <hudaiyakumar@vmware.com> 5.7.3-1

--	Initial build.	First version

+*   Mon Apr 16 2018 Xiaolin Li <xiaolinl@vmware.com> 5.7.3-8

+-   Apply patch for CVE-2018-1000116

+*   Mon Jul 24 2017 Dheeraj Shetty <dheerajs@vmware.com> 5.7.3-7

+-   Make service file a different source

+*   Tue Apr 04 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 5.7.3-6

+-   Patch to remove U64 typedef

+*   Mon Oct 04 2016 ChangLee <changLee@vmware.com> 5.7.3-5

+-   Modified %check

+*   Thu May 26 2016 Harish Udaiya Kumar <hudaiyakumar@vmware.com> 5.7.3-4

+-   Excluded the perllocal.pod log.

+*   Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 5.7.3-3

+-   GA - Bump release of all rpms

+*   Wed May 04 2016 Nick Shi <nshi@vmware.com> 5.7.3-2

+-   Add snmpd and snmptrapd to systemd service.

+*   Mon Nov 30 2015 Harish Udaiya Kumar <hudaiyakumar@vmware.com> 5.7.3-1

+-   Initial build.  First version