Bug 176922 - Crash when using invalid override line
Crash when using invalid override line
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: net-snmp (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Radek Vokal
:
Depends On:
Blocks: 181409
  Show dependency treegraph
 
Reported: 2006-01-04 08:33 EST by Bastien Nocera
Modified: 2007-11-30 17:07 EST (History)
1 user (show)

See Also:
Fixed In Version: RHBA-2006-0421
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-10 17:32:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
net-snmp-null-crash-fix.patch (702 bytes, patch)
2006-01-04 08:33 EST, Bastien Nocera
no flags Details | Diff
snmpd.conf (18.26 KB, text/plain)
2006-01-17 10:20 EST, Bastien Nocera
no flags Details

  None (edit)
Description Bastien Nocera 2006-01-04 08:33:17 EST
1. Add the line:
override 1.3.6.1.2.1.25.2.3.1.3.6 NULL
to the snmpd.conf
2. snmpd will segfault on start:
#0  0x00679e53 in strlen () from /lib/tls/libc.so.6
#1  0x00679b95 in strdup () from /lib/tls/libc.so.6
#2  0x001fb81c in netsnmp_register_mib (moduleName=0x0, var=0x0, varsize=0,
    numvars=0, mibloc=0x936ed18, mibloclen=12, priority=255, range_subid=0,
    range_ubound=0, ss=0x0, context=0x0, timeout=0, flags=0,
    reginfo=0x9358ba0, perform_callback=1) at agent_registry.c:571

The attached patch fixes the immediate crash, but the override statement still
does not work (even changing the "NULL" to "null" as per the manpage has no
effects).
Comment 1 Bastien Nocera 2006-01-04 08:33:17 EST
Created attachment 122759 [details]
net-snmp-null-crash-fix.patch
Comment 2 Radek Vokal 2006-01-06 06:40:11 EST
I've tested this with net-snmp-5.1.2-11.EL4.6 and the segfault did not appear.
For the test case I put the override option on the first line. (Also tested with
this line as the very last one). Don't you have some specific option in snmpd.conf? 

# snmpd -Lo -f
/etc/snmp/snmpd.conf: line 1: Error: no variable value specified
Comment 3 Bastien Nocera 2006-01-17 10:13:37 EST
The command, as can be seen below:
"snmpd -LE7 -Lsd -p /var/run/snmpd -aA -d -f"

That's the backtrace:
Core was generated by `snmpd -LE7 -Lsd -p /var/run/snmpd -aA -d -f'.
Program terminated with signal 11, Segmentation fault.
Loaded symbols for /usr/sbin/snmpd
Reading symbols from /usr/lib/libnetsnmpagent.so.5...Reading symbols from
/usr/lib/debug/usr/lib/libnetsnmpagent.so.5.1.2.debug...done.
done.
Loaded symbols for /usr/lib/libnetsnmpagent.so.5
Reading symbols from /usr/lib/libnetsnmpmibs.so.5...Reading symbols from
/usr/lib/debug/usr/lib/libnetsnmpmibs.so.5.1.2.debug...done.
done.
Loaded symbols for /usr/lib/libnetsnmpmibs.so.5
Reading symbols from /usr/lib/libnetsnmphelpers.so.5...Reading symbols from
/usr/lib/debug/usr/lib/libnetsnmphelpers.so.5.1.2.debug...done.
done.
Loaded symbols for /usr/lib/libnetsnmphelpers.so.5
Reading symbols from /usr/lib/libwrap.so.0...done.
Loaded symbols for /usr/lib/libwrap.so.0
Reading symbols from /usr/lib/libnetsnmp.so.5...Reading symbols from
/usr/lib/debug/usr/lib/libnetsnmp.so.5.1.2.debug...done.
done.
Loaded symbols for /usr/lib/libnetsnmp.so.5
Reading symbols from /usr/lib/libsensors.so.3...done.
Loaded symbols for /usr/lib/libsensors.so.3
Reading symbols from /usr/lib/librpm-4.3.so...done.
Loaded symbols for /usr/lib/librpm-4.3.so
Reading symbols from /usr/lib/librpmdb-4.3.so...done.
Loaded symbols for /usr/lib/librpmdb-4.3.so
Reading symbols from /lib/libselinux.so.1...done.
Loaded symbols for /lib/libselinux.so.1
Reading symbols from /usr/lib/librpmio-4.3.so...done.
Loaded symbols for /usr/lib/librpmio-4.3.so
Reading symbols from /usr/lib/libbeecrypt.so.6...done.
Loaded symbols for /usr/lib/libbeecrypt.so.6
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/tls/librt.so.1...done.
Loaded symbols for /lib/tls/librt.so.1
Reading symbols from /lib/tls/libpthread.so.0...done.
Loaded symbols for /lib/tls/libpthread.so.0
Reading symbols from /usr/lib/libpopt.so.0...done.
Loaded symbols for /usr/lib/libpopt.so.0
Reading symbols from /usr/lib/libbz2.so.1...done.
Loaded symbols for /usr/lib/libbz2.so.1
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /lib/libcrypto.so.4...done.
Loaded symbols for /lib/libcrypto.so.4
Reading symbols from /usr/lib/libelf.so.1...done.
Loaded symbols for /usr/lib/libelf.so.1
Reading symbols from /lib/tls/libm.so.6...done.
Loaded symbols for /lib/tls/libm.so.6
Reading symbols from /lib/tls/libc.so.6...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /usr/lib/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/lib/libgssapi_krb5.so.2
Reading symbols from /usr/lib/libkrb5.so.3...done.
Loaded symbols for /usr/lib/libkrb5.so.3
Reading symbols from /lib/libcom_err.so.2...done.
Loaded symbols for /lib/libcom_err.so.2
Reading symbols from /usr/lib/libk5crypto.so.3...done.
Loaded symbols for /usr/lib/libk5crypto.so.3
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_dns.so.2...done.
Loaded symbols for /lib/libnss_dns.so.2
#0  0x00679e53 in strlen () from /lib/tls/libc.so.6
(gdb)
(gdb) bt
#0  0x00679e53 in strlen () from /lib/tls/libc.so.6
#1  0x00679b95 in strdup () from /lib/tls/libc.so.6
#2  0x001fb81c in netsnmp_register_mib (moduleName=0x0, var=0x0, varsize=0,
    numvars=0, mibloc=0x936ed18, mibloclen=12, priority=255, range_subid=0,
    range_ubound=0, ss=0x0, context=0x0, timeout=0, flags=0,
    reginfo=0x9358ba0, perform_callback=1) at agent_registry.c:571
#3  0x0020033d in netsnmp_register_handler (reginfo=0x9358ba0)
    at agent_handler.c:224
#4  0x00d4fd93 in netsnmp_register_serialize (reginfo=0x9358ba0)
    at serialize.c:46
#5  0x00d4b22f in netsnmp_register_instance (reginfo=0x9358ba0)
    at instance.c:74
#6  0x004887bb in netsnmp_parse_override (token=0xbff2aa90 "override",
    line=0x0) at utilities/override.c:188
#7  0x00bff38b in run_config_handler (lptr=0x931dc38,
    token=0xbff2aa90 "override",
    cptr=0xbff2ae99 "1.3.6.1.2.1.25.2.3.1.3.6 null", when=0)
    at read_config.c:449
#8  0x00bfffe2 in read_config (filename=0xbff2bdd0 "/etc/snmp/snmpd.conf",
    line_handler=0x92a19f0, when=0) at read_config.c:739
#9  0x00c00d68 in read_config_files (when=0) at read_config.c:1072
#10 0x00c01277 in read_configs () at read_config.c:775
#11 0x00bded75 in init_snmp (type=0x74f528 "snmpd") at snmp_api.c:811
---Type <return> to continue, or q <return> to quit---
#12 0x0074d1ce in main (argc=8, argv=0xbff2d484) at snmpd.c:867
Comment 5 Bastien Nocera 2006-01-17 10:18:19 EST
I think the snmpd.conf is the main difference here.

$ rpm -q net-snmp
net-snmp-5.1.2-11.EL4.6
$ sudo snmpd -Lo -f
Segmentation fault
Comment 6 Bastien Nocera 2006-01-17 10:20:07 EST
Created attachment 123298 [details]
snmpd.conf
Comment 7 Radek Vokal 2006-01-23 10:15:51 EST
Reproduced here, still chasing the override option
Comment 10 Bob Johnson 2006-04-11 11:52:46 EDT
This issue is on Red Hat Engineering's list of planned work items 
for the upcoming Red Hat Enterprise Linux 4.4 release.  Engineering 
resources have been assigned and barring unforeseen circumstances, Red 
Hat intends to include this item in the 4.4 release.
Comment 18 Red Hat Bugzilla 2006-08-10 17:32:17 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2006-0421.html

Note You need to log in before you can comment on or make changes to this bug.