Re: double free in snmptrapd - free_trapd_address
On 05/13/13 09:41, Michael Shcwarcz wrote:
> Hello,
>
> I am running net-snmp 5.7.2 and it looks like there is a double free
> problem in snmptrapd, in free_trapd_address() and parse_trapd_address().
>
> I get a SIGABORT on the second SIGHUP (looks like it does a double free
> on the first SIGHUP and on the second it crashes).
>
> I have this snmptrapd.conf configuration:
>
>snmpTrapdAddr udp:162,udp6:162
>
>authCommunity log,execute,net public
>
> And this is the back-trace from gdb:
>
> *** glibc detected *** /opt/compass/bin/snmptrapd: free(): invalid next
> size (fast): 0x080c17a8 ***
>
> === Backtrace: =
>
> /lib/libc.so.6[0xf7204845]
>
> /lib/libc.so.6(cfree+0x9c)[0xf72066ec]
>
> /opt/compass/bin/snmptrapd(free_trapd_address+0x2a)[0x804a6ba]
>
> /usr/lib/libnetsnmp.so.30(free_config+0x32)[0xf74ae4c2]
>
> /opt/compass/bin/snmptrapd[0x804a557]
>
> /opt/compass/bin/snmptrapd[0x804bfa9]
>
> /lib/libc.so.6(__libc_start_main+0xe5)[0xf71b0455]
>
> I have a patch that fixes this issue, here is the diff:
>
> @@ -446,6 +446,7 @@ free_trapd_address(void)
>
> {
>
> if (default_port != ddefault_port) {
>
> free(default_port);
>
> +default_port = ddefault_port;
>
> }
>
> }
>
> Tell me what you think about this solution..
Thanks for the patch and sorry for the delay. The above patch has been
checked in on the V5.7 and master branches.
Bart.
--
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
___
Net-snmp-users mailing list
[email protected]
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
double free in snmptrapd - free_trapd_address
Hello,
I am running net-snmp 5.7.2 and it looks like there is a double free problem in
snmptrapd, in free_trapd_address() and parse_trapd_address().
I get a SIGABORT on the second SIGHUP (looks like it does a double free on the
first SIGHUP and on the second it crashes).
I have this snmptrapd.conf configuration:
snmpTrapdAddr udp:162,udp6:162
authCommunity log,execute,net public
And this is the back-trace from gdb:
*** glibc detected *** /opt/compass/bin/snmptrapd: free(): invalid next size
(fast): 0x080c17a8 ***
=== Backtrace: =
/lib/libc.so.6[0xf7204845]
/lib/libc.so.6(cfree+0x9c)[0xf72066ec]
/opt/compass/bin/snmptrapd(free_trapd_address+0x2a)[0x804a6ba]
/usr/lib/libnetsnmp.so.30(free_config+0x32)[0xf74ae4c2]
/opt/compass/bin/snmptrapd[0x804a557]
/opt/compass/bin/snmptrapd[0x804bfa9]
/lib/libc.so.6(__libc_start_main+0xe5)[0xf71b0455]
I have a patch that fixes this issue, here is the diff:
@@ -446,6 +446,7 @@ free_trapd_address(void)
{
if (default_port != ddefault_port) {
free(default_port);
+default_port = ddefault_port;
}
}
Tell me what you think about this solution..
And anyway, I see that pointers are not set to NULL after free(), so it can
occur on many other places as well..
BR
Michael Schwarcz
--
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d___
Net-snmp-users mailing list
[email protected]
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
double free in snmptrapd - free_trapd_address
Hello,
I am running net-snmp 5.7.2 and it looks like there is a double free problem in
snmptrapd, in free_trapd_address() and parse_trapd_address().
I get a SIGABORT on the second SIGHUP (looks like it does a double free on the
first SIGHUP and on the second it crashes).
I have this snmptrapd.conf configuration:
snmpTrapdAddr udp:162,udp6:162
authCommunity log,execute,net public
And this is the back-trace from gdb:
*** glibc detected *** /opt/compass/bin/snmptrapd: free(): invalid next size
(fast): 0x080c17a8 ***
=== Backtrace: =
/lib/libc.so.6[0xf7204845]
/lib/libc.so.6(cfree+0x9c)[0xf72066ec]
/opt/compass/bin/snmptrapd(free_trapd_address+0x2a)[0x804a6ba]
/usr/lib/libnetsnmp.so.30(free_config+0x32)[0xf74ae4c2]
/opt/compass/bin/snmptrapd[0x804a557]
/opt/compass/bin/snmptrapd[0x804bfa9]
/lib/libc.so.6(__libc_start_main+0xe5)[0xf71b0455]
I have a patch that fixes this issue, here is the diff:
@@ -446,6 +446,7 @@ free_trapd_address(void)
{
if (default_port != ddefault_port) {
free(default_port);
+default_port = ddefault_port;
}
}
Tell me what you think about this solution..
And anyway, I see that pointers are not set to NULL after free(), so it can
occur on many other places as well..
BR
Michael Schwarcz
--
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and
their applications. This 200-page book is written by three acclaimed
leaders in the field. The early access version is available now.
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may___
Net-snmp-users mailing list
[email protected]
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
