From 4ba00765130a72336de0a136038e0a795df3b5d6 Mon Sep 17 00:00:00 2001
From: delphij
Date: Tue, 14 Jan 2014 19:10:38 +0000
Subject: [PATCH] MFS r260638 (MFC r260636): Fix bsnmpd remote denial of service vulnerability.
Reported by: dinoex
Submitted by: harti
Security: FreeBSD-SA-14:01.bsnmpd
Security: CVE-2014-1452
Approved by: re (gjb)
git-svn-id: svn://svn.freebsd.org/base/releng/10.0@260640 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
---
 contrib/bsnmp/lib/snmpagent.c | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/contrib/bsnmp/lib/snmpagent.c b/contrib/bsnmp/lib/snmpagent.c
index 888d6225..865b9b6f 100644
--- a/contrib/bsnmp/lib/snmpagent.c
+++ b/contrib/bsnmp/lib/snmpagent.c
@@ -499,6 +499,11 @@ snmp_getbulk(struct snmp_pdu *pdu, struct asn_buf *resp_b,
 for (cnt = 0; cnt < pdu->error_index; cnt++) {
 eomib = 1;
 for (i = non_rep; i < pdu->nbindings; i++) {
+
+ if (resp->nbindings == SNMP_MAX_BINDINGS)
+ /* PDU is full */
+ goto done;
+
 if (cnt == 0)
 result = do_getnext(&context, &pdu->bindings[i],
 &resp->bindings[resp->nbindings], pdu);
-- 
2.42.0
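Review bot: The new guard in the inner loop of snmp_getbulk tests `resp->nbindings == SNMP_MAX_BINDINGS`, so it stops the write to `resp->bindings[resp->nbindings]` only when the counter lands exactly on the limit. Both loop bounds (`pdu->error_index`, `pdu->nbindings`) are read from the request PDU, so I would write it as `if (resp->nbindings >= SNMP_MAX_BINDINGS) {` with a closing `}`, which also catches a counter that is already past the limit. The braces matter here because a comment line currently sits between the unbraced `if` and its `goto done;`. The comment could also state the intent, for example `/* PDU is full: stop adding bindings and finish the response */`, assuming that is what the `done` label does. The rest of the function, the `done` label and the declaration of `resp->bindings` are outside the hunk, so it should be confirmed there that no other path, such as the handling of the first `non_rep` bindings, advances `resp->nbindings` without an equivalent check.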