Bug 1327261

Summary: snmpget: Invalid read in usm_discover_engineid
Product: Red Hat Enterprise Linux 7
Reporter: Dalibor Pospíšil <dapospis>
Component: net-snmp
Assignee: Josef Ridky <jridky>
Status: CLOSED WONTFIX
QA Contact: BaseOS QE - Apps <qe-baseos-apps>
Severity: low
Priority: low
Version: 7.2
Target Milestone: rc
Hardware: x86_64
OS: Unspecified
Last Closed: 2019-12-10 13:55:29 UTC
Type: Bug
Bug Blocks: 1380364

Description Dalibor Pospíšil 2016-04-14 15:31:18 UTC
Description of problem:
Valgrind reports an invalid read of size 4, but only on the x86_64 arch.

Version-Release number of selected component (if applicable):
net-snmp-5.7.2-24.el7.x86_64

How reproducible:
always


Steps to Reproduce:
Use the linked test case.

Actual results:
==5728== Memcheck, a memory error detector
==5728== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==5728== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==5728== Command: snmpget -v 3 -u user2 -l authNoPriv -A 012345678 localhost 1.3.6.1.2.1.1.1.0
==5728== 
Created directory: /var/lib/net-snmp/cert_indexes
Created directory: /var/lib/net-snmp/mib_indexes
==5728== Invalid read of size 4
==5728==    at 0x4EC882F: usm_discover_engineid (in /usr/lib64/libnetsnmp.so.31.0.2)
==5728==    by 0x4E6E345: snmpv3_engineID_probe (in /usr/lib64/libnetsnmp.so.31.0.2)
==5728==    by 0x4E7646A: snmp_sess_async_send (in /usr/lib64/libnetsnmp.so.31.0.2)
==5728==    by 0x4E541FD: snmp_synch_response_cb (in /usr/lib64/libnetsnmp.so.31.0.2)
==5728==    by 0x400F3E: ??? (in /usr/bin/snmpget)
==5728==    by 0x5AAFB14: (below main) (in /usr/lib64/libc-2.17.so)
==5728==  Address 0x7e95a90 is 0 bytes inside a block of size 1 alloc'd
==5728==    at 0x4C2B974: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==5728==    by 0x4EC8824: usm_discover_engineid (in /usr/lib64/libnetsnmp.so.31.0.2)
==5728==    by 0x4E6E345: snmpv3_engineID_probe (in /usr/lib64/libnetsnmp.so.31.0.2)
==5728==    by 0x4E7646A: snmp_sess_async_send (in /usr/lib64/libnetsnmp.so.31.0.2)
==5728==    by 0x4E541FD: snmp_synch_response_cb (in /usr/lib64/libnetsnmp.so.31.0.2)
==5728==    by 0x400F3E: ??? (in /usr/bin/snmpget)
==5728==    by 0x5AAFB14: (below main) (in /usr/lib64/libc-2.17.so)
...
==5728== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 1 from 1)


Expected results:
==5728== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)


Additional info:

Comment 2 Josef Ridky 2019-12-10 13:55:29 UTC
Red Hat Enterprise Linux version 7 is entering the Maintenance phase 1 of its lifetime and this bug doesn't meet the criteria for it, i.e. only high severity issues will be fixed. Please see https://access.redhat.com/support/policy/updates/errata/ for further information.

I am closing this issue as WONTFIX.
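
For triaging Memcheck records like the one in the description, the following added example (not part of the original report and not net-snmp code) parses an "Invalid read/write" record and computes how far the access extends past the heap block it points into. The sample input is the report's record trimmed to two frames per stack; the names parse_memcheck and summarize are chosen here for illustration.

```python
import re

# Constructed sample: the error record from the report above, trimmed to the
# frames needed to show both stacks (access site and allocation site).
SAMPLE = """\
==5728== Invalid read of size 4
==5728==    at 0x4EC882F: usm_discover_engineid (in /usr/lib64/libnetsnmp.so.31.0.2)
==5728==    by 0x4E6E345: snmpv3_engineID_probe (in /usr/lib64/libnetsnmp.so.31.0.2)
==5728==  Address 0x7e95a90 is 0 bytes inside a block of size 1 alloc'd
==5728==    at 0x4C2B974: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==5728==    by 0x4EC8824: usm_discover_engineid (in /usr/lib64/libnetsnmp.so.31.0.2)
"""

ACCESS = re.compile(r"==\d+== Invalid (read|write) of size (\d+)$")
FRAME = re.compile(r"==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (\S+)")
BLOCK = re.compile(r"==\d+==\s+Address 0x[0-9A-Fa-f]+ is (\d+) bytes inside "
                   r"a block of size (\d+) (alloc'd|free'd)$")


def parse_memcheck(text):
    """Return one dict per 'Invalid read/write' record in Memcheck output."""
    records, cur, stack = [], None, None
    for line in (raw.rstrip() for raw in text.splitlines()):
        if m := ACCESS.match(line):
            cur = {"kind": m[1], "size": int(m[2]), "access_stack": [], "block": None}
            stack = cur["access_stack"]
            records.append(cur)
        elif cur is None:
            continue  # program output or Memcheck banner: not part of a record
        elif m := BLOCK.match(line):
            offset, size = int(m[1]), int(m[2])
            # Bytes the access touches past the end of the heap block.
            overrun = max(0, offset + cur["size"] - size)
            cur["block"] = {"offset": offset, "size": size, "state": m[3],
                            "overrun": overrun, "stack": []}
            stack = cur["block"]["stack"]
        elif m := FRAME.match(line):
            stack.append(m[1])
        else:
            cur = None  # blank "==pid==" line or unrelated text ends the record
    return records


def summarize(rec):
    """One-line triage string; the record must carry a heap-block line."""
    blk = rec["block"]
    return (f"{rec['kind']} of {rec['size']} in {rec['access_stack'][0]}: "
            f"{blk['overrun']} byte(s) past a {blk['size']}-byte block "
            f"{blk['state']} via {' <- '.join(blk['stack'])}")
```

For the record in this report the result is a 4-byte read starting at offset 0 of a 1-byte calloc block, so the access covers 3 bytes beyond the allocation, with the access and the allocation both in usm_discover_engineid.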