74660 – libwrap: The comparison against an IP addres is not stripped down to an ip address.

Bug 74660 - libwrap: The comparison against an IP addres is not stripped down to an ip address.

Summary: libwrap: The comparison against an IP addres is not stripped down to an ip ad...

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	net-snmp
Sub Component:
Version:	8.0
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Phil Knirsch
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2002-09-30 01:12 UTC by James Antill
Modified:	2015-03-05 01:11 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2003-08-13 13:49:09 UTC
Embargoed:

Attachments	(Terms of Use)
Sorry, wrong file uploaded (9.07 KB, text/plain) 2003-03-07 17:19 UTC, Joerg Dorchain	no flags	Details
This time it is for real the proper patch file (2.28 KB, patch) 2003-03-07 17:24 UTC, Joerg Dorchain	no flags	Details \| Diff
Show Obsolete (1) View All

Description James Antill 2002-09-30 01:12:17 UTC

Description of Problem:
 On 7.3 having an entry like...

snmpd: 63.113.167.33

...will (asusming hosts.deny has just "ALL : ALL" in it) only allow access from
63.113.167.33 to the snmpd daemon.

 However on 8.0 it doesn't, and an ltrace gives...

fgets("snmpd: 63.113.167.33\n", 2048, 0x08291c40) = 0xbfffdd20
strlen("snmpd: 63.113.167.33\n")                  = 21
strspn("snmpd: 63.113.167.33\n", " \t\r\n")       = 0
strtok(0xbfffdd20, 0x0805010b, 0, 0, 0)           = 0xbfffdd20
strcasecmp("snmpd", "EXCEPT")                     = 14
strncasecmp(0xbfffe614, 0x0804fafa, 7, 0, 0)      = 57
strchr("snmpd", '*')                              = NULL
strchr("snmpd", '?')                              = NULL
strcasecmp("snmpd", "ALL")                        = 18
strcasecmp("snmpd", "KNOWN")                      = 8
strlen("snmpd")                                   = 5
strcasecmp("snmpd", "snmpd")                      = 0
strtok(0, 0x0805010b, 0, 0, 0)                    = 0
strtok(0xbfffdd26, 0x0805010b, 0, 0, 0)           = 0xbfffdd27
strcasecmp("63.113.167.33", "EXCEPT")             = -47
strcasecmp("63.113.167.33", "KNOWN")              = -53
strcasecmp("63.113.167.33", "LOCAL")              = -54
strncasecmp(0xbfffe720, 0x0804fafa, 7, 0, 0)      = 59
strchr("63.113.167.33", '*')                      = NULL
strchr("63.113.167.33", '?')                      = NULL
strcasecmp("63.113.167.33", "ALL")                = -43
strcasecmp("63.113.167.33", "KNOWN")              = -53
strlen("63.113.167.33")                           = 13
strcasecmp("63.113.167.33", "udp:63.113.167.33:32833") = -63
strspn("63.113.167.33", "01234567890./")          = 13
strtok(0, 0x0805010b, 0, 0, 0)                    = 0

...here you can see that it is comparing against "udp:<ipaddres>:<port> which
isn't representable in the hosts.allow file (because ':' is used to seperate
fields).
 Note that this isn't a tcp_wrappers problem, as tcp_wrappers works fine in
other applications (see additional info.).

Version-Release number of selected component (if applicable):
tcp_wrappers-7.6-23

How Reproducible:
 Always

Steps to Reproduce:
 See above.

Actual Results:

Expected Results:

Additional Information:
 Also doing .and.org doesn't seem to do the right thing either.

 Here is the ltrace of the begining of the trace...

snmp_get_do_debugging(10, 0xbfffecb0, 0xbfffec30, 0xbfffebb0, 0) = 0
snmp_read(0xbfffecb0, 0xbfffecb0, 0xbfffec30, 0xbfffebb0, 0 <unfinished ...>
strcpy(0xbfffe614, "unknown")                     = 0xbfffe614
getpid()                                          = 1719
sprintf("1719", "%d", 1719)                       = 4
strncpy(0xbfffe614, "snmpd", 128)                 = 0xbfffe614
strncpy(0xbfffe6a0, "unknown", 128)               = 0xbfffe6a0
strncpy(0xbfffe720, "udp:63.113.167.33:32833", 128) = 0xbfffe720
strncpy(0xbfffe594, "unknown", 128)               = 0xbfffe594

...the third strncpy() is the problem, and is triggered by some code inside snmpd.

Comment 1 Joerg Dorchain 2003-03-07 17:17:49 UTC

The attached patch works for me and also fixes a typo
It also applies to current rawhide
I also took the freedom to add the buzzword libwrap to the summary is better
query results

Comment 2 Joerg Dorchain 2003-03-07 17:19:11 UTC

Created attachment 90514 [details]
Sorry, wrong file uploaded

Comment 3 Joerg Dorchain 2003-03-07 17:24:14 UTC

Created attachment 90515 [details]
This time it is for real the proper patch file

to be applied to the extracted src.rpm

Comment 4 Phil Knirsch 2003-08-13 13:49:09 UTC

Patch included in net-snmp-5.0.8-8 and later.

Read ya, Phil

Note You need to log in before you can comment on or make changes to this bug.