Bug 80495

Summary: snmptrap segfaults when invalid type is specified
Product: [Retired] Red Hat Linux Reporter: Oliver Bassett <redhat>
Component: net-snmpAssignee: Phil Knirsch <pknirsch>
Status: CLOSED RAWHIDE QA Contact:
Severity: low Docs Contact:
Priority: medium    
Version: 8.0CC: rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2003-02-05 17:47:40 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Oliver Bassett 2002-12-27 06:21:01 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)

Description of problem:
If you specify anything other than the correct type (as listed in man page) 
when you run snmptrap using any trap version. I am running net-snmp-5.0.1-6.

Version-Release number of selected component (if applicable):
5.0.1-6

How reproducible:
Always

Steps to Reproduce:
1. snmptrap -v 1 -c public host 1.3.6.1.4.1.15613.1 '' 1 0 '' 
1.3.6.1.4.1.15613.1.999 z blah
    

Actual Results:  Segementation Fault

Expected Results:  A message indicating Invalid Type Specefied

Additional info:

backtrace on core:
(gdb) bt
#0  0x42070a04 in _IO_str_overflow_internal () from /lib/i686/libc.so.6
#1  0x4206fc4a in __overflow () from /lib/i686/libc.so.6
#2  0x42049ff0 in vfprintf () from /lib/i686/libc.so.6
#3  0x42064e1c in vsprintf () from /lib/i686/libc.so.6
#4  0x4205243d in sprintf () from /lib/i686/libc.so.6
#5  0x40050397 in snmp_add_var () from /usr/lib/libnetsnmp.so.5
#6  0x0804919e in main ()
#7  0x420158d4 in __libc_start_main () from /lib/i686/libc.so.6

Comment 1 Oliver Bassett 2003-01-23 02:15:08 UTC
This issue was fixed in Revision 5.15 in the Net-SNMP CVS.

Revision 5.15 </cgi-bin/viewcvs.cgi/*checkout*/net-snmp/net-
snmp/snmplib/snmp_api.c?rev=5.15> / (view) <snmp_api.c?rev=5.15&content-
type=text/vnd.viewcvs-markup> - annotate <snmp_api.c?annotate=5.15> - [select 
for diffs] <snmp_api.c?r1=5.15> , Mon Sep 9 13:28:40 2002 UTC (4 months, 1 week 
ago) by jbpn 
Branch: MAIN <snmp_api.c?only_with_tag=MAIN> 
Changes since 5.14: +7 -4 lines 
Diff to previous 5.14 <snmp_api.c.diff?r1=5.14&r2=5.15> 
  - fix bug pointed out by Jared Smith-Mickelson (bug #605147)
    whereby passing an unknown type character to snmp_add_var would
    cause a segfault.

Comment 2 Phil Knirsch 2003-02-05 17:47:40 UTC
Seems to be fixed in the latest rawhide release.

I've run the snmptrap command and snmpd didn't segfault.

Read ya, Phil