Description of problem: The NetSNMP::TrapReceiver Perl module distributed in the net-snmp-perl package leaks memory when it is used to register an SNMP trap handler with the snmptrapd process. Version-Release number of selected component (if applicable): net-snmp-perl 5.3.2.2-9.el5_5.1 NetSNMP::TrapReceiver 5.03022 How reproducible: Every time. Steps to Reproduce: 1. Create a no-op Perl trap handler with this code: #!/usr/bin/perl use SNMP; sub my_receiver {} NetSNMP::TrapReceiver::register("all", \&my_receiver) or warn "Failed to register Perl trap handler\n"; print "Registered Perl trap handler\n"; 2. Configure snmptrapd using this line in /etc/snmp/snmptrapd.conf: perl do "/path/to/subagent"; 3. Run snmptrapd with valgrind's memcheck tool: valgrind -v --leak-check=yes /usr/sbin/snmptrapd -Lsd -p /var/run/snmptrapd.pid -f 4. When the "Registered Perl trap handler" message appears, send one or more traps to the server. 5. Quit valgrind and snmptrapd with ctrl-c. This will display the memcheck report. Actual results: snmptrapd leaks memory. This is amplified the more traps are sent to the receiver. Eventually, on a busy server, snmptrapd consumes all available memory on the system. Expected results: snmptrapd runs memcheck-clean (does not leak memory). Remove the "perl do" line from /etc/snmp/snmptrapd.conf and run the valgrind command in step 3 again and the result will be memcheck-clean.
There are two known leaks in TrapReceiver: http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=revision&revision=16983 http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=revision&revision=19335 (for the second, the handler must process trap version 1 to leak memory).
Just for the reference, these leaks were fixed: ==7314== 6,007,054 (272,000 direct, 5,735,054 indirect) bytes in 1,000 blocks are definitely lost in loss record 2,175 of 2,175 ==7314== at 0x4A05E1C: malloc (vg_replace_malloc.c:195) ==7314== by 0x5642BA2: _clone_pdu_header (snmp_client.c:342) ==7314== by 0x5643088: _clone_pdu (snmp_client.c:524) ==7314== by 0x4E34154: convert_v1pdu_to_v2 (agent_trap.c:477) ==7314== by 0xE930EC4: perl_trapd_handler (TrapReceiver.xs:52) ==7314== by 0x4C15562: snmp_input (snmptrapd_handlers.c:1142) ==7314== by 0x5668B39: _sess_process_packet (snmp_api.c:5342) ==7314== by 0x5669B20: _sess_read (snmp_api.c:5761) ==7314== by 0x566A5A8: snmp_sess_read (snmp_api.c:5780) ==7314== by 0x566A5F2: snmp_read (snmp_api.c:5394) ==7314== by 0x10D47B: main (snmptrapd.c:1274) ==7358== 4,923,360 bytes in 4,734 blocks are possibly lost in loss record 2,165 of 2,165 ==7358== at 0x4A05140: calloc (vg_replace_malloc.c:418) ==7358== by 0xE933744: perl_trapd_handler (TrapReceiver.xs:111) ==7358== by 0x4C15562: snmp_input (snmptrapd_handlers.c:1142) ==7358== by 0x566BC79: _sess_process_packet (snmp_api.c:5342) ==7358== by 0x566CC60: _sess_read (snmp_api.c:5761) ==7358== by 0x566D6E8: snmp_sess_read (snmp_api.c:5780) ==7358== by 0x566D732: snmp_read (snmp_api.c:5394) ==7358== by 0x10D47B: main (snmptrapd.c:1274)
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-1076.html