snmpd in mater agentx mode crashed when subagent closed
TCP connection.
A TCP conection close routine is malfunction.
( at 5446 line in snmp_api.c )
It raise SIGSEGV.
5367 if (transport->flags &
NETSNMP_TRANSPORT_FLAG_STREAM) {
...
5389 newbuf =
5390 (u_char *) realloc(isp->packet,
5391
isp->packet_len + rxbuf_len);
...
5398 isp->packet = newbuf;
5399 isp->packet_size =
isp->packet_len + rxbuf_len;
5400 rxbuf = isp->packet +
isp->packet_len;
}
...
5432 if (length <= 0 && transport->flags &
NETSNMP_TRANSPORT_FLAG_STREAM) {
...
5446 SNMP_FREE(rxbuf);
...
}
5446 line must free not rxbuf but isp->packet.
< SNMP_FREE(rxbuf);
------------------
SNMP\_FREE\(isp->packet\);
Logged In: YES
user_id=76148
thanks for the bug report and patch. this has been fixed for
future releases 5.3, 5.2.2 and 5.1.3.
Logged In: YES
user_id=848638
Originator: NO
The fix was also applied to the 5.0.x line, and included in release 5.0.10.2 and above.
See SVN revision 12483.
Logged In: YES
user_id=88893
Originator: NO
Also included in 5.0.10.2 and above.
See SVN revision 12483
Logged In: NO
http://253ac878cc16d2a009b37aaed0f7df87-t.zjdicn.org 253ac878cc16d2a009b37aaed0f7df87 [url]http://253ac878cc16d2a009b37aaed0f7df87-b1.zjdicn.org[/url] [url=http://253ac878cc16d2a009b37aaed0f7df87-b2.zjdicn.org]253ac878cc16d2a009b37aaed0f7df87[/url] [u]http://253ac878cc16d2a009b37aaed0f7df87-b3.zjdicn.org[/u] 9b90290ebc5b707b8f998fd2e6478888