From f0c6917b24ac93196d5ab0117332241157a4d5b0 Mon Sep 17 00:00:00 2001 From: martijn Date: Tue, 13 Sep 2022 10:22:07 +0000 Subject: [PATCH] varbind was designed to allow both a ber NULL and a NULL pointer for value. The ber NULL case is there for when it was received via a PDU. The NULL pointer case can happen if application.c runs into a timeout or when a backend runs into problems. The NULL pointer case however was overlooked in appl_varbind_valid and results in an "missing value" error, (needlessly) terminating the connection to the backend. Found the hard way by Mischa Peters while stress testing agentx support for vmd. OK tb@, sthen@ --- usr.sbin/snmpd/application.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/usr.sbin/snmpd/application.c b/usr.sbin/snmpd/application.c index 479f44e7809..fe7b992d6a2 100644 --- a/usr.sbin/snmpd/application.c +++ b/usr.sbin/snmpd/application.c @@ -1,4 +1,4 @@ -/* $OpenBSD: application.c,v 1.15 2022/08/31 09:19:22 martijn Exp $ */ +/* $OpenBSD: application.c,v 1.16 2022/09/13 10:22:07 martijn Exp $ */ /* * Copyright (c) 2021 Martijn van Duren @@ -1170,8 +1170,11 @@ appl_varbind_valid(struct appl_varbind *varbind, struct appl_varbind *request, int eomv = 0; if (varbind->av_value == NULL) { - *errstr = "missing value"; - return 0; + if (!null) { + *errstr = "missing value"; + return 0; + } + return 1; } if (varbind->av_value->be_class == BER_CLASS_UNIVERSAL) { switch (varbind->av_value->be_type) { -- 2.20.1