Bug 1100099

Summary: net-snmp-python adds zeros to end of IP address (IPADDR type), which is not valid
Product: Red Hat Enterprise Linux 6 Reporter: Yoshifumi Kinoshita <ykinoshi>
Component: net-snmpAssignee: Jan Safranek <jsafrane>
Status: CLOSED ERRATA QA Contact: Dalibor Pospíšil <dapospis>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.5CC: dapospis, wburrows
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: Net-SNMP python binding used wrong size for variables of IPADDRESS type, 8 bytes instead of 4. Consequence: Applications using Net-SNMP Python bindings could send malformed SNMP messages. Fix: The bindings now use 4 bytes for variables with IPADRESS type. Result: Applications send valid SNMP messages.
 Story Points: ---
Clone Of:
: 1252034 (view as bug list) Environment:
Last Closed: 2015-07-22 07:22:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1075802    

Description Yoshifumi Kinoshita 2014-05-22 02:52:23 UTC 
Description of problem:

  net-snmp-python adds zeros to end of IP address (IPADDR type), which is not valid.
  This bug report is copied from http://sourceforge.net/p/net-snmp/bugs/2436/

Version-Release number of selected component (if applicable):

  net-snmp-python-5.5-49.el6_5.1.x86_64

How reproducible:

  Always

Steps to Reproduce:
1. Create test script like this.
--- snmp_test.py
#!/bin/env python

import netsnmp

# this is only performing the IP function for the purposes of seeing the invalid IP address via tcpdump
oid = netsnmp.Varbind('.1.3.6.1.4.1.9.9.96.1.1.1.1', '5.50', '192.168.0.1', 'IPADDR')
result = netsnmp.snmpset(oid, Version = 2, DestHost = '192.168.0.254', Community = "secret")
print result


2. Run tcpdump for the packet capturing.

  # tcpdump -i any -s0 -w snmp.pcap  port 161

3. Run the script.

  # python snmp_test.py


Actual results:

The captured packet looks like this.
0000   04 06 73 65 63 72 65 74 a3 2a 02 04 09 c9 03 ba  ..secret.*......
0010   02 01 00 02 01 00 30 1c 30 1a 06 0e 2b 06 01 04  ......0.0...+...
0020   01 09 09 60 01 01 01 01 05 32 40 08 c0 a8 00 01  ...`.....2@.....
0030   00 00 00 00                                      ....

Type: 0x40
Length: 0x08
Value: "c0 a8 00 01 00 00 00 00" => 192.168.0.1.0.0.0.0



Expected results:

The packet should be like this.
0000   04 06 73 65 63 72 65 74 a3 2a 02 04 09 c9 03 ba  ..secret.*......
0010   02 01 00 02 01 00 30 1c 30 1a 06 0e 2b 06 01 04  ......0.0...+...
0020   01 09 09 60 01 01 01 01 05 32 40 04 c0 a8 00 01  ...`.....2@.....

Type: 0x40
Length: 0x04
Value: "c0 a8 00 01" => 192.168.0.1


Additional info:

  I verified the reproducer duplicates the bug on my RHEL6 successfully.
Comment 8 errata-xmlrpc 2015-07-22 07:22:40 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-1385.html