sts-sponsors team mailing list archive
-
sts-sponsors team
-
Mailing list archive
-
Message #03195
[Bug 1979933] Re: snmptrapd Segmentation Faults When Calling my_load_defaults()
Hi Matthew,
Thanks for the debdiff; sponsored to focal!
I just fixed the Description: field in the patch DEP3 headers,
which isn't as free-form as Subject: line + unstructured text.
(Please see sample in DEP-3 [1] and multiline fields/paragraph
separators in Debian Policy [2] for details, if you'd like it.)
Everything else looks excellent, and I'll just document checks.
cheers,
Mauricio
- Built successfully on all architectures with focal-proposed [0].
- Upstream source code remains the same as with this change,
as of commit 4d43fbd64a07 ("Makefile.in: Only build the fuzzing tests in regular mode").
- Focal's MySQL source code, of course, defines the relied upon
function mysql_options():
int STDCALL mysql_options(MYSQL *mysql, enum mysql_option option,
const void *arg);
- Supported releases after Focal already have the fix:
$ git describe --contains 011342d8e453b9e0585bf77f659d80c648df8c9f
v5.8.1.pre1~91
$ rmadison --arch=source net-snmp
...
net-snmp | 5.8+dfsg-2ubuntu2 | focal | source
net-snmp | 5.8+dfsg-2ubuntu2.3 | focal-security | source
net-snmp | 5.8+dfsg-2ubuntu2.3 | focal-updates | source
net-snmp | 5.9.1+dfsg-1ubuntu2 | jammy | source
net-snmp | 5.9.1+dfsg-1ubuntu2.1 | jammy-updates | source
net-snmp | 5.9.1+dfsg-4ubuntu1 | kinetic | source
- The backport delta (thanks for noting it in DEP-3's Origin:)
is 2 context lines:
- /* Define to 1 if you have the <my_global.h> header file. */
- #undef HAVE_MY_GLOBAL_H
+ /* Define if MY_INIT() is availabe in libmysqlclient */
+ #undef HAVE_MY_INIT
- The patch seems to no longer accept command line arguments to
specify connection parameters to MySQL, but it looks like that
was never the purpose (just some flexibility, I guess) per:
* the original code commit
* the comment "load .my.cnf values" in the failing / now disabled calls:
/** load .my.cnf values */
#if HAVE_MY_LOAD_DEFAULTS
my_load_defaults ("my", _sql.groups, ¬_argc, ¬_argv, 0);
#elif defined(HAVE_LOAD_DEFAULTS)
load_defaults ("my", _sql.groups, ¬_argc, ¬_argv);
* the usage of mysql_options(MYSQL_READ_DEFAULT_GROUP) [3]:
MYSQL_READ_DEFAULT_GROUP (argument type: char *)
Read options from the named group from my.cnf or the file
specified with MYSQL_READ_DEFAULT_FILE.
* Most importantly, the project's README.sql file:
net-snmp-5.8+dfsg$ head -n15 README.sql
snmptrapd MySQL Logging
-----------------------
A trap handler for logging traps to a MySQL database was added
in release 5.5.0.
The MySQL database location and password must be configured in
/root/.my.cnf:
[snmptrapd]
host=localhost
password=sql
User may also be configured, if using a MySQL user besides root.
[0] https://launchpad.net/~mfo/+archive/ubuntu/lp1979933
[1] https://dep-team.pages.debian.net/deps/dep3/
[2] https://www.debian.org/doc/debian-policy/ch-controlfields.html#syntax-of-control-files
[3] https://dev.mysql.com/doc/c-api/8.0/en/mysql-options.html
--
You received this bug notification because you are a member of STS
Sponsors, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1979933
Title:
snmptrapd Segmentation Faults When Calling my_load_defaults()
Status in net-snmp package in Ubuntu:
Fix Released
Status in net-snmp source package in Focal:
In Progress
Bug description:
[Impact]
When starting snmptrapd configured to connect to a mysql server, we
segmentation fault when calling my_load_defaults():
$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault (core dumped)
(gdb) bt
#0 0x00007efd8d9f15b0 in MEM_ROOT::Alloc (length=56, this=this@entry=0x0) at ./include/my_alloc.h:157
#1 init_default_directories (alloc=alloc@entry=0x0) at ./mysys/my_default.cc:1632
#2 0x00007efd8d9f817a in my_load_defaults (conf_file=0x7efd8e751f64 "my", groups=0x7efd8e7550c8, argc=0x7ffd8941b674, argv=0x7ffd8941b678, alloc=0x0, default_directories=0x555a8abccc00) at ./mysys/my_default.cc:692
#3 0x00007efd8e74fe1b in netsnmp_mysql_init () from /lib/x86_64-linux-gnu/libnetsnmptrapd.so.35
#4 0x0000555a8a9e3873 in main (argc=<optimized out>, argv=<optimized out>) at snmptrapd.c:1196
What happens is that we are calling my_load_defaults() even though we
have mysql_options(), and the arguments we pass into
my_load_defaults() are NULL, which eventually get de-referenced.
The fix is to change the configure script to only call
my_load_defaults() if we don't have mysql_options().
[Testcase]
$ sudo apt update
$ sudo apt install snmp snmpd snmptrapd snmp-mibs-downloader
Edit /etc/snmp/snmptrapd.conf and add the following entries:
disableAuthorization yes
traphandle default /usr/bin/logger
sqlMaxQueue 1
sqlSaveInterval 9
Save and exit.
It is easier to reproduce if you stop and disable all services:
$ sudo systemctl stop snmptrapd.service
$ sudo systemctl stop snmpd.service
Then try running:
$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault (core dumped)
There is a test package available in the following ppa:
https://launchpad.net/~mruffell/+archive/ubuntu/sf339433-test
When running this test package, you will instead see:
$ sudo /usr/sbin/snmptrapd -LOw -f
mysql_real_connect() failed
Error 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
(I don't have a mysql server configured, but we don't segfault
anymore).
[Where problems can occur]
We are changing how snmptrapd initialises and begins connections to a
mysql server, and if a regression were to occur, it would be limited
to users of snmptrapd with the mysql backend. Other database backends
would not be affected.
Other binaries produced would also not be affected.
[Other Info]
The issue was fixed upstream by the following commit:
commit 011342d8e453b9e0585bf77f659d80c648df8c9f
Author: Bart Van Assche <bvanassche@xxxxxxx>
Date: Sat Aug 18 09:28:14 2018 -0700
Subject: snmptrapd: Let configure check for mysql_options()
Link: https://github.com/net-snmp/net-snmp/commit/011342d8e453b9e0585bf77f659d80c648df8c9f
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1979933/+subscriptions
