[Pkg-net-snmp-devel] Bug#660874: Invoking snmpwalk with an hostname that does not exist results in a segmentation fault

Frank frank.baalbergen at mendix.com
Wed Feb 22 14:28:53 UTC 2012 

Package: libsnmp15
Version: 5.4.3~dfsg-2

When i invoke 'segfault.py' without arguments from an ordinary shell i 
get a `Segmentation fault`. This issue only occurs when using a hostname 
that does not exist.

$ ./segfault.py
getaddrinfo: thishostdoesnotexist Name or service not known
Segmentation fault

Segfault.py contains:
#!/usr/bin/python
import netsnmp
in_high  = netsnmp.Varbind(".1.3.6.1.4.1.789.1.2.2.11.0")
in_high = netsnmp.snmpwalk(in_high, Version = 1, DestHost = 
"thisdoesnotexist", Community="***")

Syslog:
kernel: [1032464.043361] segfault.py[10186]: segfault at 58 ip 
00007fcf3a730c78 sp 00007fffe4831c40 error 4 in 
libnetsnmp.so.15.1.2[7fcf3a718000+98000]

$ apt-file search libnetsnmp.so.15.1.2
libsnmp15: /usr/lib/libnetsnmp.so.15.1.2
libsnmp15-dbg: /usr/lib/debug/usr/lib/libnetsnmp.so.15.1.2

$ strace ./segfault.py 2>&1 | tail -n 15
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), 
sin_addr=inet_addr("10.140.32.1")}, 16) = 0
gettimeofday({1329920329, 212830}, NULL) = 0
poll([{fd=3, events=POLLOUT}], 1, 0)    = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\223\356\1\0\0\1\0\0\0\0\0\0\24thishostdoesnotexis"..., 57, 
MSG_NOSIGNAL, NULL, 0) = 57
poll([{fd=3, events=POLLIN}], 1, 5000)  = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [127])               = 0
recvfrom(3, "\223\356\205\203\0\1\0\0\0\1\0\0\24thishostdoesnotexis"..., 
1024, 0, {sa_family=AF_INET, sin_port=htons(53), 
sin_addr=inet_addr("10.140.32.1")}, [16]) = 127
close(3)                                = 0
write(2, "getaddrinfo: thishostdoesnotexis"..., 60getaddrinfo: 
thishostdoesnotexist Name or service not known
) = 60
fstat(1, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) 
= 0x7f3ca5cda000
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++

A segmentation fault is not an expected behaviour in this situation.

I am using `Linux [...] 2.6.32-5-xen-amd64 [...] x86_64 GNU/Linux`

-- 
Frank Baalbergen - System / Network Engineer
T +31 (0)10 2760434 | frank.baalbergen at mendix.com | www.mendix.com

More information about the Pkg-net-snmp-devel mailing list