Hi all,
I found some potential crash with net-snmp library, it causes the crash on
my test system. I'm using version
Take a look at the net-snmp-lib\snmplib\mib.c file, at the
netsnmp_mibindex_lookup() function.
Here is stack:
netsnmp_mibindex_lookup()
netsnmp_mibindex_new()
add_mibdir()
netsnmp_init_mib()
init_snmp()
in the netsnmp_mibindex_lookup():
char *
netsnmp_mibindex_lookup( const char *dirname )
{
int i;
static char tmpbuf[300];
for (i=0; i<_mibindex; i++) {
if ( _mibindexes[i] && // crash here
strcmp( _mibindexes[i], dirname ) == 0) {
snprintf(tmpbuf, sizeof(tmpbuf), "%s/mib_indexes/%d",
get_persistent_directory(), i);
tmpbuf[sizeof(tmpbuf)-1] = 0;
DEBUGMSGTL(("mibindex", "lookup: %s (%d) %s\n", dirname, i,
tmpbuf ));
return tmpbuf;
}
}
DEBUGMSGTL(("mibindex", "lookup: (none)\n"));
return NULL;
}
The root cause is mibindexes variable, it is declared as char **_mibindexes
= NULL;
_mibindexes is allocated in _mibindex_add when necessary. But
netsnmp_mibindex_lookup accessed _mibindexes without checking it NULL or
not.
In netsnmp_mibindex_new, the logic is as follow:
+ Call netsnmp_mibindex_lookup to check if the mib exists.
+ If not then call _mibindex_add to add it.
So, netsnmp_mibindex_lookup should not assume _mibindexes is already has mib
in there.
Could you help to take a look?
Thanks,
Duy
------------------------------------------------------------------------------
BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA
The must-attend event for mobile developers. Connect with experts.
Get tools for creating Super Apps. See the latest technologies.
Sessions, hands-on labs, demos & much more. Register early & save!
http://p.sf.net/sfu/rim-blackberry-1
_______________________________________________
Net-snmp-coders mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
