Created attachment 180780 [details] properly initialize port->transport One of my 11.0-STABLE systems starts bsnmpd just fine but first request crashes it with sigsegv and core is generated. #0 snmpd_input (pi=0x2861ce98, tport=0x2861cc80) at /home/src/usr.sbin/bsnmpd/bsnmpd/../../../contrib/bsnmp/snmpd/main.c:1044 1044 ret = tport->transport->vtab->recv(tport, pi); (gdb) bt #0 snmpd_input (pi=0x2861ce98, tport=0x2861cc80) at /home/src/usr.sbin/bsnmpd/bsnmpd/../../../contrib/bsnmp/snmpd/main.c:1044 #1 0x0805f36c in udp_input (fd=8, udata=0x2861cc80) at /home/src/usr.sbin/bsnmpd/bsnmpd/../../../contrib/bsnmp/snmpd/trans_udp.c:98 #2 0x0804e116 in input (fd=8, mask=1, uap=0x28621080) at /home/src/usr.sbin/bsnmpd/bsnmpd/../../../contrib/bsnmp/snmpd/main.c:900 #3 0x2809b9a7 in poll_dispatch (wait=1) at /home/src/contrib/libbegemot/rpoll.c:614 #4 0x0804f9c5 in main (argc=0, argv=0xbfbfee78) at /home/src/usr.sbin/bsnmpd/bsnmpd/../../../contrib/bsnmp/snmpd/main.c:1714 Current language: auto; currently minimal (gdb) p tport->transport $1 = (struct transport *) 0x0 On line patch fixing the problem is attached. The problem manifests when bsnmpd.conf has several begemotSnmpdPortStatus.* lines for distinct IP addresses and addresses are unsorted, for example: # open standard SNMP ports #begemotSnmpdPortStatus.0.0.0.0.161 = 1 begemotSnmpdPortStatus.[192.168.1.6].161 = 1 begemotSnmpdPortStatus.127.0.0.1.161 = 1
Created attachment 180781 [details] properly initialize port->transport Better version of the same patch.
A commit references this bug: Author: ngie Date: Mon Mar 13 18:01:02 UTC 2017 New revision: 315206 URL: https://svnweb.freebsd.org/changeset/base/315206 Log: bsnmpd: fix segfault when trans_insert_port(..) is called with multiple out of order addresses Move `port->transport` initialization before the TAILQ_FOREACH(..) loop to ensure that the value is properly initialized before it's inserted into the TAILQ. MFC after: 1 week PR: 217760 Submitted by: eugen Sponsored by: Dell EMC Isilon Changes: head/contrib/bsnmp/snmpd/main.c
Thanks for the patch eugen!
A commit references this bug: Author: ngie Date: Mon Mar 20 03:13:01 UTC 2017 New revision: 315611 URL: https://svnweb.freebsd.org/changeset/base/315611 Log: MFC r315206: bsnmpd: fix segfault when trans_insert_port(..) is called with multiple out of order addresses Move `port->transport` initialization before the TAILQ_FOREACH(..) loop to ensure that the value is properly initialized before it's inserted into the TAILQ. PR: 217760 Changes: _U stable/11/ stable/11/contrib/bsnmp/snmpd/main.c
A commit references this bug: Author: ngie Date: Mon Mar 20 03:13:03 UTC 2017 New revision: 315612 URL: https://svnweb.freebsd.org/changeset/base/315612 Log: MFC r315206: bsnmpd: fix segfault when trans_insert_port(..) is called with multiple out of order addresses Move `port->transport` initialization before the TAILQ_FOREACH(..) loop to ensure that the value is properly initialized before it's inserted into the TAILQ. PR: 217760 Changes: _U stable/10/ stable/10/contrib/bsnmp/snmpd/main.c
A commit references this bug: Author: ngie Date: Mon Mar 20 03:18:16 UTC 2017 New revision: 315613 URL: https://svnweb.freebsd.org/changeset/base/315613 Log: MFC r315206: bsnmpd: fix segfault when trans_insert_port(..) is called with multiple out of order addresses Move `port->transport` initialization before the TAILQ_FOREACH(..) loop to ensure that the value is properly initialized before it's inserted into the TAILQ. PR: 217760 Changes: _U stable/9/ _U stable/9/contrib/ _U stable/9/contrib/bsnmp/ stable/9/contrib/bsnmp/snmpd/main.c