On Tue, Mar 05, 2002 at 02:34:18AM -0800, Guy Harris wrote:
> CMU SNMP doesn't use an internal buffer in one of the offending
> routines; however
...
> so we'd probably still be vulnerable to buffer overflows if we used it.

Yes, we would.

> Requiring UCD SNMP 4.2.2 or later - or, to be more specific, requiring
> the "format into a dynamically-growing buffer" routines - would:

I've checked in changes to have Ethereal use the new "format into a
dynamically-growing buffer" routines. This means Ethereal can no longer
use CMU SNMP, nor can it use versions of UCD SNMP prior to 4.2.2. (This
allowed a bunch of code to be removed from "packet-snmp.c".)

If the current CVS version of Ethereal is statically linked with the
(not-yet-released) UCD SNMP 4.2.4, or if it's dynamically linked with
4.2.2 or later and run on a system with 4.2.4 shared libraries, it
should be invulnerable to problems in any of the PROTOS captures (it
didn't crash on any of them when I tested it with an older UCD SNMP with
the bug fixes for 4.2.4 in it).
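
The "format into a dynamically-growing buffer" approach the message refers to, sketched as an added example that is not code from Ethereal or UCD SNMP: the output buffer grows with the decoded OID instead of being capped at a compile-time size. `append_grow` and `format_oid` are hypothetical names, and the OIDs in `main` are constructed input.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not a UCD SNMP routine): append s to a heap buffer,
 * doubling its capacity as needed. Returns 0 on success, -1 on failure. */
static int append_grow(char **buf, size_t *cap, size_t *len, const char *s)
{
    size_t slen = strlen(s), need = *len + slen + 1;
    if (need > *cap) {
        size_t ncap = *cap ? *cap : 16;
        while (ncap < need) {
            if (ncap > (size_t)-1 / 2) return -1;   /* capacity would wrap */
            ncap *= 2;
        }
        char *nbuf = realloc(*buf, ncap);
        if (nbuf == NULL) return -1;   /* old buffer stays valid; caller frees */
        *buf = nbuf;
        *cap = ncap;
    }
    memcpy(*buf + *len, s, slen + 1);  /* copy including the terminating NUL */
    *len += slen;
    return 0;
}

/* Format an OID as dotted decimal. The output length is bounded only by the
 * input, never by a compile-time buffer size. Caller frees; NULL on failure. */
char *format_oid(const unsigned long *subids, size_t n)
{
    char *buf = NULL, piece[32];       /* piece holds one "." plus one number */
    size_t cap = 0, len = 0;
    if (append_grow(&buf, &cap, &len, "") != 0) return NULL;
    for (size_t i = 0; i < n; i++) {
        snprintf(piece, sizeof piece, "%s%lu", i ? "." : "", subids[i]);
        if (append_grow(&buf, &cap, &len, piece) != 0) { free(buf); return NULL; }
    }
    return buf;
}

int main(void)
{
    /* Constructed input: sysDescr.0 and an oversized 1000-subidentifier OID. */
    unsigned long small[] = {1, 3, 6, 1, 2, 1, 1, 1, 0}, big[1000];
    for (size_t i = 0; i < 1000; i++) big[i] = 4294967295UL;
    char *a = format_oid(small, 9), *b = format_oid(big, 1000);
    if (!a || !b) return 1;
    printf("%s\n%zu bytes\n", a, strlen(b));
    free(a); free(b);
    return 0;
}
```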