2022-06-27 03:10:01 |
Matthew Ruffell |
bug |
|
|
added bug |
2022-06-27 03:10:16 |
Matthew Ruffell |
nominated for series |
|
Ubuntu Focal |
|
2022-06-27 03:10:16 |
Matthew Ruffell |
bug task added |
|
net-snmp (Ubuntu Focal) |
|
2022-06-27 03:10:23 |
Matthew Ruffell |
net-snmp (Ubuntu): status |
New |
Fix Released |
|
2022-06-27 03:10:28 |
Matthew Ruffell |
net-snmp (Ubuntu Focal): status |
New |
In Progress |
|
2022-06-27 03:10:33 |
Matthew Ruffell |
net-snmp (Ubuntu Focal): importance |
Undecided |
Medium |
|
2022-06-27 03:10:36 |
Matthew Ruffell |
net-snmp (Ubuntu Focal): assignee |
|
Matthew Ruffell (mruffell) |
|
2022-06-27 03:10:45 |
Matthew Ruffell |
tags |
|
focal sts |
|
2022-06-27 03:16:16 |
Matthew Ruffell |
description |
[Impact]
When starting snmptrapd configured to connect to a mysql server, we segmentation fault when calling my_load_defaults():
$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault (core dumped)
(gdb) bt
#0 0x00007efd8d9f15b0 in MEM_ROOT::Alloc (length=56, this=this@entry=0x0) at ./include/my_alloc.h:157
#1 init_default_directories (alloc=alloc@entry=0x0) at ./mysys/my_default.cc:1632
#2 0x00007efd8d9f817a in my_load_defaults (conf_file=0x7efd8e751f64 "my", groups=0x7efd8e7550c8, argc=0x7ffd8941b674, argv=0x7ffd8941b678, alloc=0x0, default_directories=0x555a8abccc00) at ./mysys/my_default.cc:692
#3 0x00007efd8e74fe1b in netsnmp_mysql_init () from /lib/x86_64-linux-gnu/libnetsnmptrapd.so.35
#4 0x0000555a8a9e3873 in main (argc=<optimized out>, argv=<optimized out>) at snmptrapd.c:1196
What happens is that we are calling my_load_defaults() even though we have mysql_options(), and the arguments we pass into my_load_defaults() are NULL, which eventually get de-referenced.
The fix is to change the configure script to only call my_load_defaults() if we don't have mysql_options().
[Testcase]
$ sudo apt update
$ sudo apt install snmp snmpd snmptrapd snmp-mibs-downloader
Edit /etc/snmp/snmptrapd.conf and add the following entries:
disableAuthorization yes
traphandle default /usr/bin/logger
sqlMaxQueue 1
sqlSaveInterval 9
Save and exit.
It is easier to reproduce if you stop and disable all services:
$ sudo systemctl stop snmptrapd.service
$ sudo systemctl stop snmp.service
Then try running:
$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault (core dumped)
There is a test package available in the following ppa:
When running this test package, you will instead see:
$ sudo /usr/sbin/snmptrapd -LOw -f
[Where problems can occur]
We are changing how snmptrapd initialises and begins connections to a mysql server, and if a regression were to occur, it would be limited to users of snmptrapd with the mysql backend. Other database backends would not be affected.
Other binaries produced would also not be affected.
[Other Info]
The issue was fixed upstream by the following commit:
commit 011342d8e453b9e0585bf77f659d80c648df8c9f
Author: Bart Van Assche <bvanassche@acm.org>
Date: Sat Aug 18 09:28:14 2018 -0700
Subject: snmptrapd: Let configure check for mysql_options()
Link: https://github.com/net-snmp/net-snmp/commit/011342d8e453b9e0585bf77f659d80c648df8c9f |
[Impact]
When starting snmptrapd configured to connect to a mysql server, we segmentation fault when calling my_load_defaults():
$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault (core dumped)
(gdb) bt
#0 0x00007efd8d9f15b0 in MEM_ROOT::Alloc (length=56, this=this@entry=0x0) at ./include/my_alloc.h:157
#1 init_default_directories (alloc=alloc@entry=0x0) at ./mysys/my_default.cc:1632
#2 0x00007efd8d9f817a in my_load_defaults (conf_file=0x7efd8e751f64 "my", groups=0x7efd8e7550c8, argc=0x7ffd8941b674, argv=0x7ffd8941b678, alloc=0x0, default_directories=0x555a8abccc00) at ./mysys/my_default.cc:692
#3 0x00007efd8e74fe1b in netsnmp_mysql_init () from /lib/x86_64-linux-gnu/libnetsnmptrapd.so.35
#4 0x0000555a8a9e3873 in main (argc=<optimized out>, argv=<optimized out>) at snmptrapd.c:1196
What happens is that we are calling my_load_defaults() even though we have mysql_options(), and the arguments we pass into my_load_defaults() are NULL, which eventually get de-referenced.
The fix is to change the configure script to only call my_load_defaults() if we don't have mysql_options().
[Testcase]
$ sudo apt update
$ sudo apt install snmp snmpd snmptrapd snmp-mibs-downloader
Edit /etc/snmp/snmptrapd.conf and add the following entries:
disableAuthorization yes
traphandle default /usr/bin/logger
sqlMaxQueue 1
sqlSaveInterval 9
Save and exit.
It is easier to reproduce if you stop and disable all services:
$ sudo systemctl stop snmptrapd.service
$ sudo systemctl stop snmp.service
Then try running:
$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault (core dumped)
There is a test package available in the following ppa:
https://launchpad.net/~mruffell/+archive/ubuntu/sf339433-test
When running this test package, you will instead see:
$ sudo /usr/sbin/snmptrapd -LOw -f
mysql_real_connect() failed
Error 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
(I don't have a mysql server configured, but we don't segfault anymore).
[Where problems can occur]
We are changing how snmptrapd initialises and begins connections to a mysql server, and if a regression were to occur, it would be limited to users of snmptrapd with the mysql backend. Other database backends would not be affected.
Other binaries produced would also not be affected.
[Other Info]
The issue was fixed upstream by the following commit:
commit 011342d8e453b9e0585bf77f659d80c648df8c9f
Author: Bart Van Assche <bvanassche@acm.org>
Date: Sat Aug 18 09:28:14 2018 -0700
Subject: snmptrapd: Let configure check for mysql_options()
Link: https://github.com/net-snmp/net-snmp/commit/011342d8e453b9e0585bf77f659d80c648df8c9f |
|
2022-06-27 04:47:45 |
Matthew Ruffell |
attachment added |
|
Debdiff for net-snmp for Focal https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1979933/+attachment/5599932/+files/lp1979933_focal.debdiff |
|
2022-06-27 05:46:18 |
Matthew Ruffell |
description |
[Impact]
When starting snmptrapd configured to connect to a mysql server, we segmentation fault when calling my_load_defaults():
$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault (core dumped)
(gdb) bt
#0 0x00007efd8d9f15b0 in MEM_ROOT::Alloc (length=56, this=this@entry=0x0) at ./include/my_alloc.h:157
#1 init_default_directories (alloc=alloc@entry=0x0) at ./mysys/my_default.cc:1632
#2 0x00007efd8d9f817a in my_load_defaults (conf_file=0x7efd8e751f64 "my", groups=0x7efd8e7550c8, argc=0x7ffd8941b674, argv=0x7ffd8941b678, alloc=0x0, default_directories=0x555a8abccc00) at ./mysys/my_default.cc:692
#3 0x00007efd8e74fe1b in netsnmp_mysql_init () from /lib/x86_64-linux-gnu/libnetsnmptrapd.so.35
#4 0x0000555a8a9e3873 in main (argc=<optimized out>, argv=<optimized out>) at snmptrapd.c:1196
What happens is that we are calling my_load_defaults() even though we have mysql_options(), and the arguments we pass into my_load_defaults() are NULL, which eventually get de-referenced.
The fix is to change the configure script to only call my_load_defaults() if we don't have mysql_options().
[Testcase]
$ sudo apt update
$ sudo apt install snmp snmpd snmptrapd snmp-mibs-downloader
Edit /etc/snmp/snmptrapd.conf and add the following entries:
disableAuthorization yes
traphandle default /usr/bin/logger
sqlMaxQueue 1
sqlSaveInterval 9
Save and exit.
It is easier to reproduce if you stop and disable all services:
$ sudo systemctl stop snmptrapd.service
$ sudo systemctl stop snmp.service
Then try running:
$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault (core dumped)
There is a test package available in the following ppa:
https://launchpad.net/~mruffell/+archive/ubuntu/sf339433-test
When running this test package, you will instead see:
$ sudo /usr/sbin/snmptrapd -LOw -f
mysql_real_connect() failed
Error 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
(I don't have a mysql server configured, but we don't segfault anymore).
[Where problems can occur]
We are changing how snmptrapd initialises and begins connections to a mysql server, and if a regression were to occur, it would be limited to users of snmptrapd with the mysql backend. Other database backends would not be affected.
Other binaries produced would also not be affected.
[Other Info]
The issue was fixed upstream by the following commit:
commit 011342d8e453b9e0585bf77f659d80c648df8c9f
Author: Bart Van Assche <bvanassche@acm.org>
Date: Sat Aug 18 09:28:14 2018 -0700
Subject: snmptrapd: Let configure check for mysql_options()
Link: https://github.com/net-snmp/net-snmp/commit/011342d8e453b9e0585bf77f659d80c648df8c9f |
[Impact]
When starting snmptrapd configured to connect to a mysql server, we segmentation fault when calling my_load_defaults():
$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault (core dumped)
(gdb) bt
#0 0x00007efd8d9f15b0 in MEM_ROOT::Alloc (length=56, this=this@entry=0x0) at ./include/my_alloc.h:157
#1 init_default_directories (alloc=alloc@entry=0x0) at ./mysys/my_default.cc:1632
#2 0x00007efd8d9f817a in my_load_defaults (conf_file=0x7efd8e751f64 "my", groups=0x7efd8e7550c8, argc=0x7ffd8941b674, argv=0x7ffd8941b678, alloc=0x0, default_directories=0x555a8abccc00) at ./mysys/my_default.cc:692
#3 0x00007efd8e74fe1b in netsnmp_mysql_init () from /lib/x86_64-linux-gnu/libnetsnmptrapd.so.35
#4 0x0000555a8a9e3873 in main (argc=<optimized out>, argv=<optimized out>) at snmptrapd.c:1196
What happens is that we are calling my_load_defaults() even though we have mysql_options(), and the arguments we pass into my_load_defaults() are NULL, which eventually get de-referenced.
The fix is to change the configure script to only call my_load_defaults() if we don't have mysql_options().
[Testcase]
$ sudo apt update
$ sudo apt install snmp snmpd snmptrapd snmp-mibs-downloader
Edit /etc/snmp/snmptrapd.conf and add the following entries:
disableAuthorization yes
traphandle default /usr/bin/logger
sqlMaxQueue 1
sqlSaveInterval 9
Save and exit.
It is easier to reproduce if you stop and disable all services:
$ sudo systemctl stop snmptrapd.service
$ sudo systemctl stop snmpd.service
Then try running:
$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault (core dumped)
There is a test package available in the following ppa:
https://launchpad.net/~mruffell/+archive/ubuntu/sf339433-test
When running this test package, you will instead see:
$ sudo /usr/sbin/snmptrapd -LOw -f
mysql_real_connect() failed
Error 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
(I don't have a mysql server configured, but we don't segfault anymore).
[Where problems can occur]
We are changing how snmptrapd initialises and begins connections to a mysql server, and if a regression were to occur, it would be limited to users of snmptrapd with the mysql backend. Other database backends would not be affected.
Other binaries produced would also not be affected.
[Other Info]
The issue was fixed upstream by the following commit:
commit 011342d8e453b9e0585bf77f659d80c648df8c9f
Author: Bart Van Assche <bvanassche@acm.org>
Date: Sat Aug 18 09:28:14 2018 -0700
Subject: snmptrapd: Let configure check for mysql_options()
Link: https://github.com/net-snmp/net-snmp/commit/011342d8e453b9e0585bf77f659d80c648df8c9f |
|
2022-07-04 22:40:28 |
Matthew Ruffell |
tags |
focal sts |
focal sts sts-sponsor |
|
2022-07-22 21:59:44 |
Mauricio Faria de Oliveira |
tags |
focal sts sts-sponsor |
focal sts sts-sponsor-mfo |
|
2022-07-22 21:59:50 |
Mauricio Faria de Oliveira |
bug |
|
|
added subscriber Mauricio Faria de Oliveira |
2022-07-22 22:00:12 |
Mauricio Faria de Oliveira |
bug |
|
|
added subscriber STS Sponsors |
2022-08-02 05:20:08 |
Matthew Ruffell |
attachment added |
|
Debdiff for net-snmp for Focal V2 https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1979933/+attachment/5606368/+files/lp1979933_focal_V2.debdiff |
|
2022-08-03 11:53:39 |
Robie Basak |
net-snmp (Ubuntu Focal): status |
In Progress |
Incomplete |
|
2022-08-03 12:42:38 |
Robie Basak |
net-snmp (Ubuntu Focal): status |
Incomplete |
Fix Committed |
|
2022-08-03 12:42:39 |
Robie Basak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2022-08-03 12:42:40 |
Robie Basak |
bug |
|
|
added subscriber SRU Verification |
2022-08-03 12:42:44 |
Robie Basak |
tags |
focal sts sts-sponsor-mfo |
focal sts sts-sponsor-mfo verification-needed verification-needed-focal |
|
2022-08-04 00:53:35 |
Matthew Ruffell |
tags |
focal sts sts-sponsor-mfo verification-needed verification-needed-focal |
focal sts sts-sponsor-mfo verification-done-focal |
|
2022-08-16 23:05:09 |
Launchpad Janitor |
net-snmp (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
2022-08-16 23:05:15 |
Brian Murray |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|