On Tue, Mar 16, 2010 at 2:36 PM, Jan Safranek <jsafr...@redhat.com> wrote:
>
> On 03/05/2010 04:44 PM, Jan Safranek wrote:
> > Hi,
> >
> > I've stumbled upon snmpd processing malformed requests. How should
> > snmplib react to it? E.g. my snmpd received get-request with ASN.1 error
> > in Request ID - instead of Type: 2, Length: 1, Value: 0xc it received
> > Type: 32, which is wrong. But the request got processed and answered,
> > nothing checks for type of Request-ID component. And I've noticed that
> > there are no such checks in general, not only Request-ID... Is it
> > feature or a bug? IMHO such malformed packets should be silently
> > discarded. Would you mind if I add checks to appropriate asn_parse_xxx?
> > Or is it up to the caller to check returned type and I shall add the
> > checks there? It's more work this way ;).
>
> Based on yesterday's conversation, I prepared a patch with solution #2
> (put it inside asn_parse_foo (which may not be possible)). My simple
> tests show that it works, see patch tracker for details:
> https://sourceforge.net/tracker/?func=detail&aid=2971270&group_id=12694&atid=312694
There might be code outside the Net-SNMP source tree that e.g. parses
the type ASN_COUNTER via asn_parse_int(). This works with the current
implementation but will stop working if your patch would be applied.
So this patch is a backwards-incompatible change.
An example:
$ cat encode-and-parse.cpp
#include <stdint.h>
#include <cassert>
#include <iostream>
#include <net-snmp/net-snmp-config.h>
#include <net-snmp/types.h>
#include <net-snmp/library/asn1.h>
int main(int argc, char** argv)
{
for (u_long i = 0xffffffff; i > 0; i = i / 2)
{
uint8_t asnbuf[8];
size_t asnbuflen = sizeof(asnbuf);
assert(asn_build_unsigned_int(asnbuf, &asnbuflen, ASN_COUNTER,
&i, sizeof(i)));
long j;
uint8_t asntype;
asnbuflen = sizeof(asnbuflen) - asnbuflen;
assert(asn_parse_int(asnbuf, &asnbuflen, &asntype, &j, sizeof(j)));
assert(i == (u_long)j);
std::cout << "i = " << i << "; j = " << j << '\n';
}
return 0;
}
// Local variables:
// compile-command: "g++ -Wall -Werror -g -o encode-and-parse
encode-and-parse.cpp -lnetsnmp"
// End:
$ ./encode-and-parse
i = 4294967295; j = 4294967295
i = 2147483647; j = 2147483647
i = 1073741823; j = 1073741823
i = 536870911; j = 536870911
i = 268435455; j = 268435455
i = 134217727; j = 134217727
i = 67108863; j = 67108863
i = 33554431; j = 33554431
i = 16777215; j = 16777215
i = 8388607; j = 8388607
i = 4194303; j = 4194303
i = 2097151; j = 2097151
i = 1048575; j = 1048575
i = 524287; j = 524287
i = 262143; j = 262143
i = 131071; j = 131071
i = 65535; j = 65535
i = 32767; j = 32767
i = 16383; j = 16383
i = 8191; j = 8191
i = 4095; j = 4095
i = 2047; j = 2047
i = 1023; j = 1023
i = 511; j = 511
i = 255; j = 255
i = 127; j = 127
i = 63; j = 63
i = 31; j = 31
i = 15; j = 15
i = 7; j = 7
i = 3; j = 3
i = 1; j = 1
Bart.
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
