From cd4481422b674496301a7e30f11c066122814163 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Fri, 3 Jan 2025 11:41:11 +0000 Subject: [PATCH] Fix GH-17330: SNMP::setSecurity segfaults when object had been closed. checking when the workflow needs to deal with an existing SNMP session. close GH-17337 --- NEWS | 4 ++++ ext/snmp/snmp.c | 4 ++++ ext/snmp/tests/gh17330.phpt | 18 ++++++++++++++++++ 3 files changed, 26 insertions(+) create mode 100644 ext/snmp/tests/gh17330.phpt diff --git a/NEWS b/NEWS index ac262fcb1bb..911e91074e9 100644 --- a/NEWS +++ b/NEWS @@ -98,6 +98,10 @@ PHP NEWS . Fixed bug GH-17153 (SimpleXML crash when using autovivification on document). (nielsdos) +- SNMP: + . Fixed bug GH-17330 (SNMP::setSecurity segfault on closed session). + (David Carlier) + - Sockets: . Fixed bug GH-16276 (socket_strerror overflow handling with INT_MIN). (David Carlier / cmb) diff --git a/ext/snmp/snmp.c b/ext/snmp/snmp.c index 2e18d8e0128..b5bb9f91745 100644 --- a/ext/snmp/snmp.c +++ b/ext/snmp/snmp.c @@ -1660,6 +1660,10 @@ PHP_METHOD(SNMP, setSecurity) zend_string *a1 = NULL, *a2 = NULL, *a3 = NULL, *a4 = NULL, *a5 = NULL, *a6 = NULL, *a7 = NULL; snmp_object = Z_SNMP_P(object); + if (!snmp_object->session) { + zend_throw_error(NULL, "Invalid or uninitialized SNMP object"); + RETURN_THROWS(); + } if (zend_parse_parameters(ZEND_NUM_ARGS(), "S|SSSSSS", &a1, &a2, &a3, &a4,&a5, &a6, &a7) == FAILURE) { RETURN_THROWS(); diff --git a/ext/snmp/tests/gh17330.phpt b/ext/snmp/tests/gh17330.phpt new file mode 100644 index 00000000000..a6f077a9c86 --- /dev/null +++ b/ext/snmp/tests/gh17330.phpt @@ -0,0 +1,18 @@ +--TEST-- +SNMP::setSecurity() segfault when the object had been closed. +--EXTENSIONS-- +snmp +--CREDITS-- +YuanchengJiang +--FILE-- +close(); +try { + $session->setSecurity('authPriv', 'MD5', '', 'AES', ''); +} catch(Error $e) { + echo $e->getMessage(); +} +?> +--EXPECT-- +Invalid or uninitialized SNMP object