Re: snmp_api.c bug

Thu, 17 Jun 2004 18:08:54 -0700 

Your description and accompanying patch were added to bug repository.

Reference bug # [ 975063 ] snmp_sess_close NULL deref

The patch was applicable to all 5.x branches and will appear
in the next release.

-Mike Slifcak

Bosko Milekic wrote: 
Hi,

  My snmptrapd setup has a trap default forward entry to another
  machine, in addition to various trap handlers.

  Under heavy "trap load" (e.g., LOTS of incoming traps for
  linkups/linkdowns from a NAS), I see snmptrapd occasionally crash and
  dump core.  After some investigation, the problem appears to be a NULL
  pointer dereference following a failed calloc() call.  I've found at
  least one problem and a small fix is attached below.

Here is a stack trace:

#0  0x2823c0e7 in snmp_sess_close () from /usr/local/lib/libnetsnmp.so.6
#1  0x2823aaf3 in _sess_copy () from /usr/local/lib/libnetsnmp.so.6
#2  0x2823b145 in snmp_sess_copy () from /usr/local/lib/libnetsnmp.so.6
#3  0x2823b7ce in _sess_open () from /usr/local/lib/libnetsnmp.so.6
#4  0x2823bc71 in snmp_sess_open () from /usr/local/lib/libnetsnmp.so.6
#5  0x2823a9d7 in snmp_open () from /usr/local/lib/libnetsnmp.so.6
#6  0x281252ca in forward_handler () from
/usr/local/lib/libnetsnmptrapd.so.6
#7  0x28125720 in snmp_input () from /usr/local/lib/libnetsnmptrapd.so.6
#8  0x28248728 in _sess_process_packet () from
/usr/local/lib/libnetsnmp.so.6
#9  0x2824957b in _sess_read () from /usr/local/lib/libnetsnmp.so.6
#10 0x282495c4 in snmp_sess_read () from /usr/local/lib/libnetsnmp.so.6
#11 0x28248872 in snmp_read () from /usr/local/lib/libnetsnmp.so.6
#12 0x0805b36c in main ()
#13 0x08059fee in _start ()

  What happens is that _sess_copy() fails on one of the first calloc()s
  and ends up calling snmp_sess_close(), which tries to dereference
  slp->session but which is, in this particular code path, NULL.  The
  patch below adds an additional check in snmp_sess_close().

  Again, I'm not subscribed to this list, so please keep me in your CCs.

Regards, 




-------------------------------------------------------
This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference
Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer
Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA
REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND
_______________________________________________
Net-snmp-coders mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders

Reply via email to