Bug 219072 - net-mgmt/net-snmp: memory leak in swrun_kinfo.c
Summary: net-mgmt/net-snmp: memory leak in swrun_kinfo.c
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Ryan Steinmetz
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-04 19:37 UTC by Markus Wennrich
Modified: 2020-02-07 07:58 UTC (History)
3 users (show)

See Also:
bugzilla: maintainer-feedback? (zi)


Attachments
patch for agent/mibgroup/host/data_access/swrun_kinfo.c (938 bytes, patch)
2017-05-04 19:37 UTC, Markus Wennrich
no flags Details | Diff
patch for agent/mibgroup/host/data_access/swrun_kinfo.c (fixed) (980 bytes, patch)
2017-05-04 20:10 UTC, Markus Wennrich
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Markus Wennrich 2017-05-04 19:37:15 UTC
Created attachment 182305 [details]
patch for agent/mibgroup/host/data_access/swrun_kinfo.c

agent/mibgroup/host/data_access/swrun_kinfo.c doesn't check the return code of CONTAINER_INSERT and leaks memory, if return code is "-1" (duplicate key)

        rc = CONTAINER_INSERT(container, entry);

(rc never gets checked)


This patch checks the return code and frees the allocated entry, if it didn't get inserted because becaus it was a duplicate.

        if ( -1 == CONTAINER_INSERT(container, entry)) {
          // entry didn't get inserted (duplicate key)
          free(entry);
        }


This resovles this memory leak.

See also upstream bug: https://sourceforge.net/p/net-snmp/bugs/2717/
and upstream submitted patch: https://sourceforge.net/p/net-snmp/patches/1341/
Comment 1 Markus Wennrich 2017-05-04 20:10:26 UTC
Created attachment 182307 [details]
patch for agent/mibgroup/host/data_access/swrun_kinfo.c (fixed)
Comment 2 Markus Wennrich 2017-05-04 20:11:47 UTC
Sorry, nearly introduced a use-after-free bug.
Fixed patch uploaded.
Comment 3 Walter Schwarzenfeld freebsd_triage 2018-01-13 23:20:27 UTC
Maintainer feedback?
Comment 4 Kurt Jaeger freebsd_committer 2019-09-28 18:32:52 UTC
This bug is still in 5.8 and the fix needs to be upstreamed.
Comment 5 erik 2020-01-31 15:38:26 UTC
This issue still exists (it may leak a significant amount of memory each day). Would it be possible to add the patch to pkg/ports builds?
Comment 6 Kurt Jaeger freebsd_committer 2020-01-31 15:43:42 UTC
maintainer in general asks to push upstream to include the patches upstream.

Can you try to push upstream ?
Comment 7 erik 2020-01-31 15:53:40 UTC
Sure, I can do a +1 on the issue upstream, however attempts have been made to push this upstream but nothing has happened for two years. If I get no reply in reasonable time, would you consider add the patch to ports?
Comment 8 Kurt Jaeger freebsd_committer 2020-01-31 17:00:06 UTC
There's probably more needed than a +1 on upstream. It's more: Get in touch with the upstream maintainer by mail or phone or ..., and get him to approve/apply the patch.
Comment 9 erik 2020-02-01 22:22:09 UTC
Thankfully a fix has been applied to the v5.8 and master branches of net-snmp. So while still on the 5.7 series, would it be possible to have this patch locally applied?

https://github.com/net-snmp/net-snmp/issues/61
Comment 10 erik 2020-02-07 07:58:29 UTC
I've verified that applying this patch solves the issue for net-snmp 5.7.3 as well. No memory leak for the last week.

https://github.com/net-snmp/net-snmp/commit/5846564f5be46e0e362be894d4cb57be383c5b3d