Hello all, we are experiencing segfault of snmpwalk (see below). It happens when we send OPAQUE double values of a high magnitude (e.g. 1.7976931348623157E308")
The value is sent as snmp_set_var_typed_value(request->requestvb, ASN_OPAQUE_DOUBLE, (u_char *)&double_value, sizeof(double_value)); and it is displayed correctly. snmpwalk and snmpget display values correctly and then crash. The bug seems to be in fprint_variable SNMPv2-SMI::enterprises.9.555.1.61.1.2.1.1.3.1 = Opaque: Float: 179769313486231570814527423731704356798070567525844996598917476803157260780028538760589558632766878171540458953514382464234321326889464182768467546703537516986049910576551282076245490090389328944075868508455133942304583236903222948165808559332123348274797826204144723168738177180919299881250404026184124858368.000000 *** glibc detected *** snmpwalk: free(): invalid next size (normal): 0x08051ad8 *** ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6[0xb7d907cd] /lib/tls/i686/cmov/libc.so.6(cfree+0x90)[0xb7d93e30] /usr/lib/libnetsnmp.so.9(fprint_variable+0xac)[0xb7eae75c] /usr/lib/libnetsnmp.so.9(print_variable+0x37)[0xb7eae7e7] snmpwalk[0x804929d] /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xdc)[0xb7d3eebc] snmpwalk[0x8048b91] ======= Memory map: ======== 08048000-0804a000 r-xp 00000000 08:02 893435 /usr/bin/snmpwalk 0804a000-0804b000 rw-p 00001000 08:02 893435 /usr/bin/snmpwalk 0804b000-080ad000 rw-p 0804b000 00:00 0 [heap] b7a00000-b7a21000 rw-p b7a00000 00:00 0 b7a21000-b7b00000 ---p b7a21000 00:00 0 b7b71000-b7b7c000 r-xp 00000000 08:02 1179712 /lib/libgcc_s.so.1 b7b7c000-b7b7d000 rw-p 0000a000 08:02 1179712 /lib/libgcc_s.so.1 b7b88000-b7bc3000 r--p 00000000 08:02 3786021 /usr/lib/locale/en_US.utf8/LC_CTYPE b7bc3000-b7bcc000 r-xp 00000000 08:02 1213715 /lib/tls/i686/cmov/libnss_files-2.5.so b7bcc000-b7bce000 rw-p 00008000 08:02 1213715 /lib/tls/i686/cmov/libnss_files-2.5.so b7bce000-b7bcf000 rw-p b7bce000 00:00 0 b7bcf000-b7be2000 r-xp 00000000 08:02 2297175 /home/milan/topos/trunk/target/i686-os+sn+app-devtest-sn+devel/dir_struct/open-source/usr/local/lib/libz.so.1.2.3 b7be2000-b7be3000 rw-p 00012000 08:02 2297175 /home/milan/topos/trunk/target/i686-os+sn+app-devtest-sn+devel/dir_struct/open-source/usr/local/lib/libz.so.1.2.3 b7be3000-b7be5000 r-xp 00000000 08:02 1213704 /lib/tls/i686/cmov/libdl-2.5.so b7be5000-b7be7000 rw-p 00001000 08:02 1213704 /lib/tls/i686/cmov/libdl-2.5.so b7be7000-b7d11000 r-xp 00000000 08:02 3785395 /usr/lib/i686/cmov/libcrypto.so.0.9.8 b7d11000-b7d25000 rw-p 00129000 08:02 3785395 /usr/lib/i686/cmov/libcrypto.so.0.9.8 b7d25000-b7d29000 rw-p b7d25000 00:00 0 b7d29000-b7e64000 r-xp 00000000 08:02 1213698 /lib/tls/i686/cmov/libc-2.5.so b7e64000-b7e65000 r--p 0013b000 08:02 1213698 /lib/tls/i686/cmov/libc-2.5.so b7e65000-b7e67000 rw-p 0013c000 08:02 1213698 /lib/tls/i686/cmov/libc-2.5.so b7e67000-b7e6b000 rw-p b7e67000 00:00 0 b7e6b000-b7e90000 r-xp 00000000 08:02 1213706 /lib/tls/i686/cmov/libm-2.5.so b7e90000-b7e92000 rw-p 00024000 08:02 1213706 /lib/tls/i686/cmov/libm-2.5.so b7e92000-b7f19000 r-xp 00000000 08:02 3720981 /usr/lib/libnetsnmp.so.9.0.1 b7f19000-b7f1c000 rw-p 00086000 08:02 3720981 /usr/lib/libnetsnmp.so.9.0.1 b7f1c000-b7f3a000 rw-p b7f1c000 00:00 0 b7f3d000-b7f3e000 rw-p b7f3d000 00:00 0 b7f3e000-b7f45000 r--s 00000000 08:02 2244843 /usr/lib/gconv/gconv-modules.cache b7f45000-b7f47000 rw-p b7f45000 00:00 0 b7f47000-b7f60000 r-xp 00000000 08:02 1179669 /lib/ld-2.5.so b7f60000-b7f62000 rw-p 00019000 08:02 1179669 /lib/ld-2.5.so bf82f000-bf844000 rw-p bf82f000 00:00 0 [stack] ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso] Aborted (core dumped) SNMPv2-SMI::enterprises.9.555.1.61.1.2.1.1.3.1 = Opaque: Float: 179769313486231570814527423731704356798070567525844996598917476803157260780028538760589558632766878171540458953514382464234321326889464182768467546703537516986049910576551282076245490090389328944075868508455133942304583236903222948165808559332123348274797826204144723168738177180919299881250404026184124858368.000000 ==24386== ==24386== ERROR SUMMARY: 420 errors from 12 contexts (suppressed: 5 from 1) ==24386== malloc/free: in use at exit: 396,969 bytes in 8,294 blocks. ==24386== malloc/free: 20,626 allocs, 12,332 frees, 1,211,615 bytes allocated. ==24386== For counts of detected errors, rerun with: -v ==24386== searching for pointers to 8,294 not-freed blocks. ==24386== checked 830,352 bytes. ==24386== ==24386== LEAK SUMMARY: ==24386== definitely lost: 9 bytes in 1 blocks. ==24386== possibly lost: 0 bytes in 0 blocks. ==24386== still reachable: 396,960 bytes in 8,293 blocks. ==24386== suppressed: 0 bytes in 0 blocks. [17:17:39] uz asi chapes, preco nemam rad 3rd-party SW ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
