458937 – net-smp fails to parse if_inet6 when the iface index is greater than 255

Bug 458937 - net-smp fails to parse if_inet6 when the iface index is greater than 255

Summary: net-smp fails to parse if_inet6 when the iface index is greater than 255

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	net-snmp
Sub Component:
Version:	5.2
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Jan Safranek
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2008-08-13 11:07 UTC by Olivier Fourdan
Modified:	2018-10-20 03:12 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2009-01-20 22:07:28 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
Patch to increase the lengths of the index in sscanf (622 bytes, patch) 2008-08-13 11:07 UTC, Olivier Fourdan	no flags	Details \| Diff
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2009:0230	0	normal	SHIPPED_LIVE	net-snmp enhancement and bug fix update	2009-01-20 16:06:32 UTC

Description Olivier Fourdan 2008-08-13 11:07:47 UTC

Created attachment 314189 [details]
Patch to increase the lengths of the index in sscanf

Description of problem:

With a large number of interfaces (like in a Xen environments with multiple xen bridges), the index of the interfaces can be greater than 255. In such a case, net-snmp will fails to parse /proc/net/if_inet6 if one of the index is greater than 0xFF and will generate errors.

Version-Release number of selected component (if applicable):

net-snmp-5.3.1-24.el5_2.1

How reproducible:

100% reproducible

Steps to Reproduce:

1.Set-up an system with a lot of network interfaces
2.Check if one of the interfaces in proc/net/if_inet6 has an index greater than 0xFF
3.Install and configure net-snmp
  
Actual results:

snmpd[13835]: ioctl 35123 returned -1 
last message repeated <many> times
...

Expected results:

No error message

Additional info:

The parsing is done in _load_v6() (in agent/mibgroup/ip-mib/data_access/ipaddress_linux.c) with:

        /*
         * fe800000000000000200e8fffe5b5c93 05 40 20 80 eth0
         *             A                    D  P  S  F  I
         * A: address
         * D: device number
         * P: prefix len
         * S: scope (see include/net/ipv6.h, net/ipv6/addrconf.c)
         * F: flags (see include/linux/rtnetlink.h, net/ipv6/addrconf.c)
         * I: interface
         */
        rc = sscanf(line, "%39s %02x %02x %02x %02x %8s\n",
                    addr, &if_index, &pfx_len, &scope, &flags, if_name);

So if the index is greater than 0xFF, scanf %02x will not read the entire index and break the pasing of the remaining items.

Comment 3 RHEL Program Management 2008-08-13 11:41:47 UTC

This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 4 Martin Kočí 2008-08-13 12:23:18 UTC

QA acked for 5.3.

Comment 8 errata-xmlrpc 2009-01-20 22:07:28 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0230.html

Note You need to log in before you can comment on or make changes to this bug.