[AGENT++] Small bug

[Karl Abicht]

Hi,

your code (vb.cpp):

// get an unsigned char array
// caller specifies max len of target space
int Vb::get_value(unsigned char *ptr, unsigned long &len,
		  const unsigned long maxlen) const
{
  if (iv_vb_value &&
      iv_vb_value->valid() &&
      (iv_vb_value->get_syntax() == sNMP_SYNTAX_OCTETS))
  {
    OctetStr *p_os = (OctetStr *)iv_vb_value;
    len = p_os->len();
    if (len > maxlen) len = maxlen;
    memcpy(ptr, p_os->data(), len);
    ptr[len] = 0;
    return SNMP_CLASS_SUCCESS;
  }

  ptr[0] = 0;
  len = 0;
  return SNMP_CLASS_INVALID;
}


The line ptr[len] sometimes writes behind the allowed maxlen.

len <  maxlen ==> ok
len == maxlen ==> trouble 
len >  maxlen ==> trouble


Regards

Karl

-- 
Dipl.-Ing. Karl Abicht
Eichenweg 11
25582 Hohenaspe

mailto: karl at abicht.net
phone: +49 4893 373115
mobile: +49 172 4566432
site: http://www.abicht.net