From mboxrd@z Thu Jan  1 00:00:00 1970
Return-path: <ptxdist-bounces@pengutronix.de>
Received: from mail.pqgruber.com ([178.189.19.235])
 by metis.ext.pengutronix.de with esmtps
 (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2)
 (envelope-from <clemens.gruber@pqgruber.com>) id 1d1fNt-0007vn-Lb
 for ptxdist@pengutronix.de; Fri, 21 Apr 2017 22:42:29 +0200
From: Clemens Gruber <clemens.gruber@pqgruber.com>
Date: Fri, 21 Apr 2017 22:42:05 +0200
Message-Id: <20170421204206.31312-6-clemens.gruber@pqgruber.com>
In-Reply-To: <20170421204206.31312-1-clemens.gruber@pqgruber.com>
References: <20170421204206.31312-1-clemens.gruber@pqgruber.com>
Subject: [ptxdist] [PATCH 6/7] net-snmp: add patch for CVE-2015-5621
List-Id: PTXdist Development Mailing List <ptxdist.pengutronix.de>
List-Unsubscribe: <http://metis.pengutronix.de/cgi-bin/mailman/options/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=unsubscribe>
List-Archive: <http://metis.pengutronix.de/cgi-bin/mailman/private/ptxdist/>
List-Post: <mailto:ptxdist@pengutronix.de>
List-Help: <mailto:ptxdist-request@pengutronix.de?subject=help>
List-Subscribe: <http://metis.pengutronix.de/cgi-bin/mailman/listinfo/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=subscribe>
Reply-To: ptxdist@pengutronix.de
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: ptxdist-bounces@pengutronix.de
Sender: "ptxdist" <ptxdist-bounces@pengutronix.de>
To: ptxdist@pengutronix.de
Cc: Clemens Gruber <clemens.gruber@pqgruber.com>

U2lnbmVkLW9mZi1ieTogQ2xlbWVucyBHcnViZXIgPGNsZW1lbnMuZ3J1YmVyQHBxZ3J1YmVyLmNv
bT4KLS0tCiAuLi4wMi1CdWctNzg4OTY0LW5ldC1zbm1wLXNubXBfcGR1X3BhcnNlLURvUy5wYXRj
aCB8IDEyOCArKysrKysrKysrKysrKysrKysrKysKIHBhdGNoZXMvbmV0LXNubXAtNS43LjMvc2Vy
aWVzICAgICAgICAgICAgICAgICAgICAgIHwgICAzICstCiAyIGZpbGVzIGNoYW5nZWQsIDEzMCBp
bnNlcnRpb25zKCspLCAxIGRlbGV0aW9uKC0pCiBjcmVhdGUgbW9kZSAxMDA2NDQgcGF0Y2hlcy9u
ZXQtc25tcC01LjcuMy8wMDAyLUJ1Zy03ODg5NjQtbmV0LXNubXAtc25tcF9wZHVfcGFyc2UtRG9T
LnBhdGNoCgpkaWZmIC0tZ2l0IGEvcGF0Y2hlcy9uZXQtc25tcC01LjcuMy8wMDAyLUJ1Zy03ODg5
NjQtbmV0LXNubXAtc25tcF9wZHVfcGFyc2UtRG9TLnBhdGNoIGIvcGF0Y2hlcy9uZXQtc25tcC01
LjcuMy8wMDAyLUJ1Zy03ODg5NjQtbmV0LXNubXAtc25tcF9wZHVfcGFyc2UtRG9TLnBhdGNoCm5l
dyBmaWxlIG1vZGUgMTAwNjQ0CmluZGV4IDAwMDAwMDAwMC4uN2I4MDQ1NzZiCi0tLSAvZGV2L251
bGwKKysrIGIvcGF0Y2hlcy9uZXQtc25tcC01LjcuMy8wMDAyLUJ1Zy03ODg5NjQtbmV0LXNubXAt
c25tcF9wZHVfcGFyc2UtRG9TLnBhdGNoCkBAIC0wLDAgKzEsMTI4IEBACitGcm9tOiBIaWRla2kg
WWFtYW5lIDxoZW5yaWNoQGRlYmlhbi5vcmc+CitEYXRlOiBUaHUsIDE4IEp1biAyMDE1IDA2OjIx
OjIwICswOTAwCitTdWJqZWN0OiBbUEFUQ0hdIEJ1ZyM3ODg5NjQ6IG5ldC1zbm1wIHNubXBfcGR1
X3BhcnNlKCkgRG9TCisKK3Rha2VuIHBhdGNoIGZyb20gaHR0cHM6Ly9zb3VyY2Vmb3JnZS5uZXQv
cC9uZXQtc25tcC9jb2RlL2NpL2YyM2JjZDNhYzZkZGVlNWQwYTQ4Zjk3MDMwMDdjY2M3Mzg5MTQ3
OTEvCistLS0KKyBzbm1wbGliL3NubXBfYXBpLmMgfCA1NSArKysrKysrKysrKysrKysrKysrKysr
KysrKystLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KKyAxIGZpbGUgY2hhbmdlZCwgMjggaW5z
ZXJ0aW9ucygrKSwgMjcgZGVsZXRpb25zKC0pCisKK2RpZmYgLS1naXQgYS9zbm1wbGliL3NubXBf
YXBpLmMgYi9zbm1wbGliL3NubXBfYXBpLmMKK2luZGV4IDE5MWRlYmYwOWEzZC4uYWRhZTRlNGE5
NTUwIDEwMDY0NAorLS0tIGEvc25tcGxpYi9zbm1wX2FwaS5jCisrKysgYi9zbm1wbGliL3NubXBf
YXBpLmMKK0BAIC00MzUwLDEwICs0MzUwLDkgQEAgc25tcF9wZHVfcGFyc2UobmV0c25tcF9wZHUg
KnBkdSwgdV9jaGFyICogZGF0YSwgc2l6ZV90ICogbGVuZ3RoKQorICAgICB1X2NoYXIgICAgICAg
ICAgdHlwZTsKKyAgICAgdV9jaGFyICAgICAgICAgIG1zZ190eXBlOworICAgICB1X2NoYXIgICAg
ICAgICAqdmFyX3ZhbDsKKy0gICAgaW50ICAgICAgICAgICAgIGJhZHR5cGUgPSAwOworICAgICBz
aXplX3QgICAgICAgICAgbGVuOworICAgICBzaXplX3QgICAgICAgICAgZm91cjsKKy0gICAgbmV0
c25tcF92YXJpYWJsZV9saXN0ICp2cCA9IE5VTEw7CisrICAgIG5ldHNubXBfdmFyaWFibGVfbGlz
dCAqdnAgPSBOVUxMLCAqdnBsYXN0ID0gTlVMTDsKKyAgICAgb2lkICAgICAgICAgICAgIG9iamlk
W01BWF9PSURfTEVOXTsKKyAgICAgdV9jaGFyICAgICAgICAgKnA7CisgCitAQCAtNDQ5MywzOCAr
NDQ5MiwyNCBAQCBzbm1wX3BkdV9wYXJzZShuZXRzbm1wX3BkdSAqcGR1LCB1X2NoYXIgKiBkYXRh
LCBzaXplX3QgKiBsZW5ndGgpCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgKEFTTl9T
RVFVRU5DRSB8IEFTTl9DT05TVFJVQ1RPUiksCisgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgInZhcmJpbmRzIik7CisgICAgIGlmIChkYXRhID09IE5VTEwpCistICAgICAgICByZXR1cm4g
LTE7CisrICAgICAgICBnb3RvIGZhaWw7CisgCisgICAgIC8qCisgICAgICAqIGdldCBlYWNoIHZh
ckJpbmQgc2VxdWVuY2UgCisgICAgICAqLworICAgICB3aGlsZSAoKGludCkgKmxlbmd0aCA+IDAp
IHsKKy0gICAgICAgIG5ldHNubXBfdmFyaWFibGVfbGlzdCAqdnB0ZW1wOworLSAgICAgICAgdnB0
ZW1wID0gKG5ldHNubXBfdmFyaWFibGVfbGlzdCAqKSBtYWxsb2Moc2l6ZW9mKCp2cHRlbXApKTsK
Ky0gICAgICAgIGlmIChOVUxMID09IHZwdGVtcCkgeworLSAgICAgICAgICAgIHJldHVybiAtMTsK
Ky0gICAgICAgIH0KKy0gICAgICAgIGlmIChOVUxMID09IHZwKSB7CistICAgICAgICAgICAgcGR1
LT52YXJpYWJsZXMgPSB2cHRlbXA7CistICAgICAgICB9IGVsc2UgeworLSAgICAgICAgICAgIHZw
LT5uZXh0X3ZhcmlhYmxlID0gdnB0ZW1wOworLSAgICAgICAgfQorLSAgICAgICAgdnAgPSB2cHRl
bXA7CisrICAgICAgICB2cCA9IFNOTVBfTUFMTE9DX1RZUEVERUYobmV0c25tcF92YXJpYWJsZV9s
aXN0KTsKKysgICAgICAgIGlmIChOVUxMID09IHZwKQorKyAgICAgICAgICAgIGdvdG8gZmFpbDsK
KyAKKy0gICAgICAgIHZwLT5uZXh0X3ZhcmlhYmxlID0gTlVMTDsKKy0gICAgICAgIHZwLT52YWwu
c3RyaW5nID0gTlVMTDsKKyAgICAgICAgIHZwLT5uYW1lX2xlbmd0aCA9IE1BWF9PSURfTEVOOwor
LSAgICAgICAgdnAtPm5hbWUgPSBOVUxMOworLSAgICAgICAgdnAtPmluZGV4ID0gMDsKKy0gICAg
ICAgIHZwLT5kYXRhID0gTlVMTDsKKy0gICAgICAgIHZwLT5kYXRhRnJlZUhvb2sgPSBOVUxMOwor
ICAgICAgICAgREVCVUdEVU1QU0VDVElPTigicmVjdiIsICJWYXJCaW5kIik7CisgICAgICAgICBk
YXRhID0gc25tcF9wYXJzZV92YXJfb3AoZGF0YSwgb2JqaWQsICZ2cC0+bmFtZV9sZW5ndGgsICZ2
cC0+dHlwZSwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAmdnAtPnZhbF9sZW4s
ICZ2YXJfdmFsLCBsZW5ndGgpOworICAgICAgICAgaWYgKGRhdGEgPT0gTlVMTCkKKy0gICAgICAg
ICAgICByZXR1cm4gLTE7CisrICAgICAgICAgICAgZ290byBmYWlsOworICAgICAgICAgaWYgKHNu
bXBfc2V0X3Zhcl9vYmppZCh2cCwgb2JqaWQsIHZwLT5uYW1lX2xlbmd0aCkpCistICAgICAgICAg
ICAgcmV0dXJuIC0xOworKyAgICAgICAgICAgIGdvdG8gZmFpbDsKKyAKKyAgICAgICAgIGxlbiA9
IE1BWF9QQUNLRVRfTEVOR1RIOworICAgICAgICAgREVCVUdEVU1QSEVBREVSKCJyZWN2IiwgIlZh
bHVlIik7CitAQCAtNDYwNCw3ICs0NTg5LDcgQEAgc25tcF9wZHVfcGFyc2UobmV0c25tcF9wZHUg
KnBkdSwgdV9jaGFyICogZGF0YSwgc2l6ZV90ICogbGVuZ3RoKQorICAgICAgICAgICAgICAgICB2
cC0+dmFsLnN0cmluZyA9ICh1X2NoYXIgKikgbWFsbG9jKHZwLT52YWxfbGVuKTsKKyAgICAgICAg
ICAgICB9CisgICAgICAgICAgICAgaWYgKHZwLT52YWwuc3RyaW5nID09IE5VTEwpIHsKKy0gICAg
ICAgICAgICAgICAgcmV0dXJuIC0xOworKyAgICAgICAgICAgICAgICBnb3RvIGZhaWw7CisgICAg
ICAgICAgICAgfQorICAgICAgICAgICAgIHAgPSBhc25fcGFyc2Vfc3RyaW5nKHZhcl92YWwsICZs
ZW4sICZ2cC0+dHlwZSwgdnAtPnZhbC5zdHJpbmcsCisgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAmdnAtPnZhbF9sZW4pOworQEAgLTQ2MTksNyArNDYwNCw3IEBAIHNubXBfcGR1X3BhcnNl
KG5ldHNubXBfcGR1ICpwZHUsIHVfY2hhciAqIGRhdGEsIHNpemVfdCAqIGxlbmd0aCkKKyAgICAg
ICAgICAgICB2cC0+dmFsX2xlbiAqPSBzaXplb2Yob2lkKTsKKyAgICAgICAgICAgICB2cC0+dmFs
Lm9iamlkID0gKG9pZCAqKSBtYWxsb2ModnAtPnZhbF9sZW4pOworICAgICAgICAgICAgIGlmICh2
cC0+dmFsLm9iamlkID09IE5VTEwpIHsKKy0gICAgICAgICAgICAgICAgcmV0dXJuIC0xOworKyAg
ICAgICAgICAgICAgICBnb3RvIGZhaWw7CisgICAgICAgICAgICAgfQorICAgICAgICAgICAgIG1l
bW1vdmUodnAtPnZhbC5vYmppZCwgb2JqaWQsIHZwLT52YWxfbGVuKTsKKyAgICAgICAgICAgICBi
cmVhazsKK0BAIC00NjMxLDcgKzQ2MTYsNyBAQCBzbm1wX3BkdV9wYXJzZShuZXRzbm1wX3BkdSAq
cGR1LCB1X2NoYXIgKiBkYXRhLCBzaXplX3QgKiBsZW5ndGgpCisgICAgICAgICBjYXNlIEFTTl9C
SVRfU1RSOgorICAgICAgICAgICAgIHZwLT52YWwuYml0c3RyaW5nID0gKHVfY2hhciAqKSBtYWxs
b2ModnAtPnZhbF9sZW4pOworICAgICAgICAgICAgIGlmICh2cC0+dmFsLmJpdHN0cmluZyA9PSBO
VUxMKSB7CistICAgICAgICAgICAgICAgIHJldHVybiAtMTsKKysgICAgICAgICAgICAgICAgZ290
byBmYWlsOworICAgICAgICAgICAgIH0KKyAgICAgICAgICAgICBwID0gYXNuX3BhcnNlX2JpdHN0
cmluZyh2YXJfdmFsLCAmbGVuLCAmdnAtPnR5cGUsCisgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICB2cC0+dmFsLmJpdHN0cmluZywgJnZwLT52YWxfbGVuKTsKK0BAIC00NjQwLDEyICs0
NjI1LDI4IEBAIHNubXBfcGR1X3BhcnNlKG5ldHNubXBfcGR1ICpwZHUsIHVfY2hhciAqIGRhdGEs
IHNpemVfdCAqIGxlbmd0aCkKKyAgICAgICAgICAgICBicmVhazsKKyAgICAgICAgIGRlZmF1bHQ6
CisgICAgICAgICAgICAgc25tcF9sb2coTE9HX0VSUiwgImJhZCB0eXBlIHJldHVybmVkICgleClc
biIsIHZwLT50eXBlKTsKKy0gICAgICAgICAgICBiYWR0eXBlID0gLTE7CisrICAgICAgICAgICAg
Z290byBmYWlsOworICAgICAgICAgICAgIGJyZWFrOworICAgICAgICAgfQorICAgICAgICAgREVC
VUdJTkRFTlRBREQoLTQpOworKworKyAgICAgICAgaWYgKE5VTEwgPT0gdnBsYXN0KSB7CisrICAg
ICAgICAgICAgcGR1LT52YXJpYWJsZXMgPSB2cDsKKysgICAgICAgIH0gZWxzZSB7CisrICAgICAg
ICAgICAgdnBsYXN0LT5uZXh0X3ZhcmlhYmxlID0gdnA7CisrICAgICAgICB9CisrICAgICAgICB2
cGxhc3QgPSB2cDsKKysgICAgICAgIHZwID0gTlVMTDsKKyAgICAgfQorLSAgICByZXR1cm4gYmFk
dHlwZTsKKysgICAgcmV0dXJuIDA7CisrCisrICBmYWlsOgorKyAgICBERUJVR01TR1RMKCgicmVj
diIsICJlcnJvciB3aGlsZSBwYXJzaW5nIFZhckJpbmRMaXN0XG4iKSk7CisrICAgIC8qKiBpZiB3
ZSB3ZXJlIHBhcnNpbmcgYSB2YXIsIHJlbW92ZSBpdCBmcm9tIHRoZSBwZHUgYW5kIGZyZWUgaXQg
Ki8KKysgICAgaWYgKHZwKQorKyAgICAgICAgc25tcF9mcmVlX3Zhcih2cCk7CisrCisrICAgIHJl
dHVybiAtMTsKKyB9CisgCisgLyoKZGlmZiAtLWdpdCBhL3BhdGNoZXMvbmV0LXNubXAtNS43LjMv
c2VyaWVzIGIvcGF0Y2hlcy9uZXQtc25tcC01LjcuMy9zZXJpZXMKaW5kZXggMzAxZTE1Njg1Li41
NTUyZmUzNWEgMTAwNjQ0Ci0tLSBhL3BhdGNoZXMvbmV0LXNubXAtNS43LjMvc2VyaWVzCisrKyBi
L3BhdGNoZXMvbmV0LXNubXAtNS43LjMvc2VyaWVzCkBAIC0yLDcgKzIsOCBAQAogI3RhZzpiYXNl
IC0tc3RhcnQtbnVtYmVyIDEKICN0YWc6dXBzdHJlYW0gLS1zdGFydC1udW1iZXIgMQogMDAwMS1j
b25maWd1cmUtRWxpbWluYXRlLXRoZS1oYXJkLWNvZGVkLWxpYm5sLTMtaW5jbHVkZS1wLnBhdGNo
CiswMDAyLUJ1Zy03ODg5NjQtbmV0LXNubXAtc25tcF9wZHVfcGFyc2UtRG9TLnBhdGNoCiAjdGFn
OnB0eCAtLXN0YXJ0LW51bWJlciAyMDAKIDAyMDAtbmV0LXNubXAtY29uZmlnLWFkZC1TWVNST09U
LXN1cHBvcnQucGF0Y2gKIDAyMDEtRG9uLXQtZGlzYWJsZS11ZHAtYW5kLXRjcC13aGVuLWRpc2Fi
bGUtYWdlbnR4LWRvbS1zby5wYXRjaAotIyAxOTZmYWViMjg4ZjMyYjg1NzI0MDIzZjIwYjEyZGU5
MSAgLSBnaXQtcHR4LXBhdGNoZXMgbWFnaWMKKyMgYzVkNjljOTA2ZTBhMzQ4MTUwNDljODRmNzM1
OTBjYjIgIC0gZ2l0LXB0eC1wYXRjaGVzIG1hZ2ljCi0tIAoyLjEyLjIKCgpfX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXwpwdHhkaXN0IG1haWxpbmcgbGlzdApw
dHhkaXN0QHBlbmd1dHJvbml4LmRl