pysnmp-dev

[Pysnmp-dev] possible bug in SnmpV1SecurityModel.processIncomingMsg ?

[Paul W. <pau...@cy...>]

First let me say that PySNMP is pretty handy, it has made my life a lot
easier in the last few weeks.

Secondly, in doing some development and testing of my manager side
application I think I hit a bug in pysnmp/v4/proto/secmod/rfc2576.py
SnmpV1SecurityModel.processIncomingMsg.  Apologies in advance if I am just
misunderstanding this.

There is a while(1) look in there that is exited with a break when the
incoming communityName is matched against an entry in the SNMP-COMMUNITY-MIB
snmpCommunityName or we exhaust all the snmpCommunityName entries without
finding a match, in which case the request should be dropped and
snmpInBadCommunityNames incremented.

The problem is we always seem to allow in the user, even when a match is not
found.  The problem is that the 'else' clause outside of the while(1) loop
can never be entered since the else clause on a loop is only entered when
the loop terminates normally, which is impossible for a while(1) loop.
>From the python docs:
"Loop statements may have an else clause; it is executed when the loop
terminates through exhaustion of the list (with for) or when the condition
becomes false (with while), but not when the loop is terminated by a
breakstatement."

        while 1:
            try:
                mibNodeIdx = snmpCommunityName.getNextNode(
                    mibNodeIdx.name
                    )
            except NoSuchInstanceError:
                break
            if mibNodeIdx.syntax != communityName:
                continue
            break
        else:
            #  I don't think we can ever get here!
            snmpInBadCommunityNames, =
snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols('__SNMP-COMMUNITY-MIB',
'snmpInBadCommunityNames')
            snmpInBadCommunityNames.syntax =
snmpInBadCommunityNames.syntax+1
            raise error.StatusInformation(
                errorIndication = 'unknownCommunityName'
                )

I think instead we want something like this, although a better solution is
welcome:

        while 1:
            try:
                mibNodeIdx = snmpCommunityName.getNextNode(
                    mibNodeIdx.name
                    )
            except NoSuchInstanceError:
                print 'unknownCommunityName: %s' % (communityName,)
                snmpInBadCommunityNames, =
snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols('__SNMPv2-MIB',
'snmpInBadCommunityNames')
                snmpInBadCommunityNames.syntax =
snmpInBadCommunityNames.syntax+1
                raise error.StatusInformation(
                    errorIndication = 'unknownCommunityName'
                    )
                break  # i guess this break isn't needed
            if mibNodeIdx.syntax != communityName:
                continue
            break

Thanks in advance for any replies, and keep up the good work.

-Paul Warner

Re: [Pysnmp-dev] possible bug in SnmpV1SecurityModel.processIncomingMsg ?

[Ilya E. <il...@gl...>]

Your fix is absolutely correct. I've just committed it into CVS at 
SourceForge. Thanks for pointing out!

-ilya

[ skipped ]

> There is a while(1) look in there that is exited with a break when the
> incoming communityName is matched against an entry in the SNMP-COMMUNITY-MIB
> snmpCommunityName or we exhaust all the snmpCommunityName entries without
> finding a match, in which case the request should be dropped and
> snmpInBadCommunityNames incremented.
> 
> The problem is we always seem to allow in the user, even when a match is not
> found.  The problem is that the 'else' clause outside of the while(1) loop
> can never be entered since the else clause on a loop is only entered when
> the loop terminates normally, which is impossible for a while(1) loop.

[ skipped ]