sts-sponsors team mailing list archive

Thread
Date
[Bug 1979933] Re: snmptrapd Segmentation Faults When Calling my_load_defaults()

To: sts-sponsors@xxxxxxxxxxxxxxxxxxx
From: Matthew Ruffell <1979933@xxxxxxxxxxxxxxxxxx>
Date: Thu, 04 Aug 2022 00:52:49 -0000
Reply-to: Bug 1979933 <1979933@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx
Performing verification for Focal

I install snmptrapd 5.8+dfsg-2ubuntu2.4 from updates, and edited
/etc/snmp/snmptrapd.conf to have the following contents:

disableAuthorization yes
traphandle default /usr/bin/logger
sqlMaxQueue 1
sqlSaveInterval 9

I disabled all snmptrapd services:

$ sudo systemctl stop snmptrapd.service
$ sudo systemctl stop snmpd.service

and then tried to start snmptrapd, but received a segmentation fault:

$ sudo /usr/sbin/snmptrapd -LOw -f
Segmentation fault

>From syslog:
Aug  4 00:47:45 focal-snmp kernel: [ 1615.972207] snmptrapd[5293]: segfault at 8 ip 00007f4879003680 sp 00007ffe914993f0 error 4 in libmysqlclient.so.21.2.30[7f4878f93000+130000]
Aug  4 00:47:45 focal-snmp kernel: [ 1615.972229] Code: 5c 41 5d 41 5e 5d c3 e8 0e 17 f9 ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 55 48 89 e5 41 55 49 89 fd 41 54 53 48 83 ec 08 <4c> 8b 67 08 48 8b 47 10 4c 29 e0 48 83 f8 37 0f 86 cb 00 00 00 49

I then enabled -proposed and installed snmptrapd 5.8+dfsg-2ubuntu2.5.

Again, I stopped the services:

$ sudo systemctl stop snmptrapd.service
$ sudo systemctl stop snmpd.service

and tried to start snmptrapd:

$ sudo /usr/sbin/snmptrapd -LOw -f
mysql_real_connect() failed
Error 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)

This time we no longer segmentation fault, and snmptrapd keeps running.

The package in -proposed fixes the issue, happy to mark verified.

** Tags removed: verification-needed verification-needed-focal
** Tags added: verification-done-focal

-- 
You received this bug notification because you are a member of STS
Sponsors, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1979933

Title:
  snmptrapd Segmentation Faults When Calling my_load_defaults()

Status in net-snmp package in Ubuntu:
  Fix Released
Status in net-snmp source package in Focal:
  Fix Committed

Bug description:
  [Impact]

  When starting snmptrapd configured to connect to a mysql server, we
  segmentation fault when calling my_load_defaults():

  $ sudo /usr/sbin/snmptrapd -LOw -f
  Segmentation fault (core dumped)

  (gdb) bt
  #0  0x00007efd8d9f15b0 in MEM_ROOT::Alloc (length=56, this=this@entry=0x0) at ./include/my_alloc.h:157
  #1  init_default_directories (alloc=alloc@entry=0x0) at ./mysys/my_default.cc:1632
  #2  0x00007efd8d9f817a in my_load_defaults (conf_file=0x7efd8e751f64 "my", groups=0x7efd8e7550c8, argc=0x7ffd8941b674, argv=0x7ffd8941b678, alloc=0x0, default_directories=0x555a8abccc00) at ./mysys/my_default.cc:692
  #3  0x00007efd8e74fe1b in netsnmp_mysql_init () from /lib/x86_64-linux-gnu/libnetsnmptrapd.so.35
  #4  0x0000555a8a9e3873 in main (argc=<optimized out>, argv=<optimized out>) at snmptrapd.c:1196

  What happens is that we are calling my_load_defaults() even though we
  have mysql_options(), and the arguments we pass into
  my_load_defaults() are NULL, which eventually get de-referenced.

  The fix is to change the configure script to only call
  my_load_defaults() if we don't have mysql_options().

  [Testcase]

  $ sudo apt update
  $ sudo apt install snmp snmpd snmptrapd snmp-mibs-downloader

  Edit /etc/snmp/snmptrapd.conf and add the following entries:

  disableAuthorization yes
  traphandle default /usr/bin/logger
  sqlMaxQueue 1
  sqlSaveInterval 9

  Save and exit.

  It is easier to reproduce if you stop and disable all services:

  $ sudo systemctl stop snmptrapd.service
  $ sudo systemctl stop snmpd.service

  Then try running:

  $ sudo /usr/sbin/snmptrapd -LOw -f
  Segmentation fault (core dumped)

  There is a test package available in the following ppa:

  https://launchpad.net/~mruffell/+archive/ubuntu/sf339433-test

  When running this test package, you will instead see:

  $ sudo /usr/sbin/snmptrapd -LOw -f
  mysql_real_connect() failed
  Error 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)

  (I don't have a mysql server configured, but we don't segfault
  anymore).

  [Where problems can occur]

  We are changing how snmptrapd initialises and begins connections to a
  mysql server, and if a regression were to occur, it would be limited
  to users of snmptrapd with the mysql backend. Other database backends
  would not be affected.

  Other binaries produced would also not be affected.

  [Other Info]

  The issue was fixed upstream by the following commit:

  commit 011342d8e453b9e0585bf77f659d80c648df8c9f
  Author: Bart Van Assche <bvanassche@xxxxxxx>
  Date:   Sat Aug 18 09:28:14 2018 -0700
  Subject: snmptrapd: Let configure check for mysql_options()
  Link: https://github.com/net-snmp/net-snmp/commit/011342d8e453b9e0585bf77f659d80c648df8c9f

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1979933/+subscriptions