Bug#600076: libsmi2ldbl: Loading SNMPv2-TC causes segfault when handling some invalid MIB

2012-06-08 Thread Vincent Bernat 
Package: libsmi2ldbl
Version: 0.4.8+dfsg2-5
Followup-For: Bug #600076

Dear maintainer,

Please find attached a neat patch for this issue. From SVN r37017:

A patch suggested by Cedric Arbogast arbogast.ced...@gmail.com
and Vincent Bernat ber...@luffy.cx that avoids freeing memory
of pending nodes that in certain situations are still being used.


-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (101, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libsmi2ldbl depends on:
ii  libc6  2.13-33
ii  multiarch-support  2.13-33

libsmi2ldbl recommends no packages.

Versions of packages libsmi2ldbl suggests:
ii  snmp-mibs-downloader  1.1

-- no debconf information
diff --git a/lib/parser-smi.y b/lib/parser-smi.y
index ecab924..bc0f6db 100644
--- a/lib/parser-smi.y
+++ b/lib/parser-smi.y
@@ -702,6 +702,7 @@ checkObjects(Parser *parserPtr, Module *modulePtr)
 		 nodePtr-parentPtr != thisParserPtr-pendingNodePtr 
 			 nodePtr-parentPtr != smiHandle-rootNodePtr 
 			 nodePtr != nodePtr-parentPtr 
+			 nodePtr-parentPtr != NULL 
 			 i = 128;
 		 nodePtr = nodePtr-parentPtr, i++);
 		if ((objectPtr-export.name) 
diff --git a/lib/smi-data.c b/lib/smi-data.c
index b7e9b2f..60ce8d5 100644
--- a/lib/data.c
+++ b/lib/data.c
@@ -4656,8 +4656,20 @@ Module *loadModule(const char *modulename, Parser *parserPtr)
 	smiDepth++;
 	parser.line			= 1;
 	smiparse((void *)parser);
+#if 0
+	/*
+	 * These nodes seem to be referenced in certain situations and
+	 * thus freeing them causes problems. So we better do not free
+	 * until we have sorted out how to free safely.
+	 *
+	 * http://www.ibr.cs.tu-bs.de/pipermail/libsmi/2010-August/001214.html
+	 * http://www.ibr.cs.tu-bs.de/pipermail/libsmi/2011-May/001249.html
+	 *
+	 * (see also below for the sming version)
+	 */
 	freeNodeTree(parser.pendingNodePtr);
 	smiFree(parser.pendingNodePtr);
+#endif
 	smiLeaveLexRecursion();
 	smiDepth--;
 	fclose(parser.file);
@@ -4699,8 +4711,20 @@ Module *loadModule(const char *modulename, Parser *parserPtr)
 	smiDepth++;
 	parser.line			= 1;
 	smingparse((void *)parser);
+#if 0
+	/*
+	 * These nodes seem to be referenced in certain situations and
+	 * thus freeing them causes problems. So we better do not free
+	 * until we have sorted out how to free safely.
+	 *
+	 * http://www.ibr.cs.tu-bs.de/pipermail/libsmi/2010-August/001214.html
+	 * http://www.ibr.cs.tu-bs.de/pipermail/libsmi/2011-May/001249.html
+	 *
+	 * (see also above for the smi version)
+	 */
 	freeNodeTree(parser.pendingNodePtr);
 	smiFree(parser.pendingNodePtr);
+#endif
 	smingLeaveLexRecursion();
 	smiDepth--;
 	fclose(parser.file);

Bug#600076: libsmi2ldbl: Loading SNMPv2-TC causes segfault when handling some invalid MIB

2010-10-13 Thread Vincent Bernat 
Package: libsmi2ldbl
Version: 0.4.8+dfsg2-2
Severity: normal

Hi!

Loading SNMPv2-TC in /etc/smi.conf leads to a segfault when running
some application parsing invalid MIB. For example: smilint RMON2-MIB
leads to a segfault if SNMPv2-TC is preloaded and not if not.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libsmi2ldbl depends on:
ii  libc6 2.11.2-6   Embedded GNU C Library: Shared lib

libsmi2ldbl recommends no packages.

Versions of packages libsmi2ldbl suggests:
ii  snmp-mibs-downloader  1.1Install and manage Management Info

-- Configuration Files:
/etc/smi.conf changed:
path :/usr/share/mibs/iana
path :/usr/share/mibs/ietf
path :/usr/share/mibs/netsnmp
path :/usr/share/mibs/site
level 0
load SNMPv2-SMI
load SNMPv2-CONF
smilint: level 9
smilint: hide namelength-32


-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org