Menu

#1391 Fix for invalid memory access after the sending a request is failed.

backport-needed
closed
nobody
None
9
2020-05-17
2019-04-10
Masayoshi Mizuma
No

As "Core dump with net-snmp-5.8" thread in net-snmp-coder mailing list,
snmpd is terminated abnormally due to an invalid memory access after
the sending of a request is failed.

To fix the issue, this patch and the patch which is attached on Bug#2914
are needed.

1 Attachments
0002-snmplib-snmp_api-Remove-the-request-on-the-session-w.patch

Discussion

  • Bart Van Assche

    Bart Van Assche - 2019-04-15

    A slightly modified version of this patch has been applied on the v5.8 and master branches. Please retest.

     

  • Bart Van Assche

    Bart Van Assche - 2019-04-15
    • status: open --> closed
     

  • Shogo Matsumoto

    Shogo Matsumoto - 2019-04-15

    I confirmed the issue is fixed and is not reproduced at the latest commit(f39da221a). Thank you for merging the patch!

     

  • Uma

    Uma - 2020-05-17

    could anyone please confirm whether applying this patch on release code net-snmp-5.8.zip is enough to solve the SIGABRT on netsnmp_free_delegated_cache() . After applying this patch, SEGFAULT occurs on snmpwalk , snmpget, etc.
    Core was generated by `snmpwalk -OQ -v 2c -c localhost 1.3.6.1.4.1.17270.9225.2.1.9.1.2'.
    Program terminated with signal 11, Segmentation fault.

    #0  0x76f0e098 in _int_free (av=0x0, p=0x51eef8, have_lock=0) at /usr/src/debug/glibc/2.24-r0/git/malloc/malloc.c:3997
#0  0x76f0e098 in _int_free (av=0x0, p=0x51eef8, have_lock=0) at /usr/src/debug/glibc/2.24-r0/git/malloc/malloc.c:3997
#1  0x76f11660 in __GI___libc_free (mem=<optimized out>) at /usr/src/debug/glibc/2.24-r0/git/malloc/malloc.c:2982
#2  0x7702f098 in snmp_free_var_internals (var=0x525ed0) at /usr/src/debug/net-snmp/5.8-r0/net-snmp-5.8/snmplib/snmp_api.c:5429
#3  0x7702f148 in snmp_free_var (var=0x525ed0) at /usr/src/debug/net-snmp/5.8-r0/net-snmp-5.8/snmplib/snmp_api.c:5445
#4  0x7702f1b0 in snmp_free_varbind (var=<optimized out>) at /usr/src/debug/net-snmp/5.8-r0/net-snmp-5.8/snmplib/snmp_api.c:5455
#5  0x770341ec in snmp_free_pdu (pdu=0x51ef08) at /usr/src/debug/net-snmp/5.8-r0/net-snmp-5.8/snmplib/snmp_api.c:5495
#6  0x77036ee0 in remove_request (rp=0x51c020, orp=<optimized out>, isp=0x521dd0) at /usr/src/debug/net-snmp/5.8-r0/net-snmp-5.8/snmplib/snmp_api.c:6698
#7  snmp_sess_timeout (sessp=0x51eb28) at /usr/src/debug/net-snmp/5.8-r0/net-snmp-5.8/snmplib/snmp_api.c:6865
#8  0x77036f78 in snmp_timeout () at /usr/src/debug/net-snmp/5.8-r0/net-snmp-5.8/snmplib/snmp_api.c:6683
#9  0x7700d154 in snmp_synch_response_cb (ss=0x526448, pdu=<optimized out>, response=0x7f90bfd0, pcb=<optimized out>) at /usr/src/debug/net-snmp/5.8-r0/net-snmp-5.8/snmplib/snmp_client.c:1085
#10 0x7700d1d8 in snmp_synch_response (ss=<optimized out>, pdu=<optimized out>, response=<optimized out>) at /usr/src/debug/net-snmp/5.8-r0/net-snmp-5.8/snmplib/snmp_client.c:1126
#11 0x004010c0 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/net-snmp/5.8-r0/net-snmp-5.8/apps/snmpwalk.c:315
     

    Last edit: Bart Van Assche 2020-05-17

  • Bart Van Assche

    Bart Van Assche - 2020-05-17

    Please repeat your test with https://github.com/net-snmp/net-snmp/archive/V5-8-patches.zip. There are many more bug fixes in that archive than only the mentioned patch.

     

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.