pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkg/49860: DoS against snmpd on netbsd routers
The following reply was made to PR pkg/49860; it has been noted by GNATS.
From: 6bone%6bone.informatik.uni-leipzig.de@localhost
To: Christos Zoulas <christos%zoulas.com@localhost>
Cc: gnats-bugs%NetBSD.org@localhost, pkg-manager%netbsd.org@localhost, gnats-admin%netbsd.org@localhost,
pkgsrc-bugs%netbsd.org@localhost
Subject: Re: pkg/49860: DoS against snmpd on netbsd routers
Date: Tue, 28 Apr 2015 08:24:00 +0200 (CEST)
On Mon, 27 Apr 2015, Christos Zoulas wrote:
> Not very much, it seems to keep allocating memory... So perhaps gdb the
> process, break in malloc, and print a backtrace?
>
> $ gdb /path/to/snmpd pid-of-snmp-d
> (gdb) break malloc
> (gdb) continue
> (gdb) where
> (gdb) quit
> [hopefully it [snmpd] did not die, but it could...]
It looks as if the breakpoint is never reached.
I have repeatedly interrupted the program and generates an output of
where.
#0 0x00007f7ff5c3b695 in snmp_oid_compare ()
from /usr/pkg/lib/libnetsnmp.so.30
#1 0x00007f7ff5c790aa in netsnmp_compare_netsnmp_index ()
from /usr/pkg/lib/libnetsnmp.so.30
#2 0x00007f7ff5c79d3e in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#3 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#4 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#5 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#6 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#7 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#8 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#9 0x00007f7ff5c79e43 in Sort_Array () from /usr/pkg/lib/libnetsnmp.so.30
#10 0x00007f7ff5c7a3c1 in _ba_find () from /usr/pkg/lib/libnetsnmp.so.30
#11 0x00007f7ff788eaba in _arp_hook_update ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#12 0x00007f7ff78b5277 in netsnmp_access_arp_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#13 0x00007f7ff788ee26 in inetNetToMediaTable_container_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#14 0x00007f7ff7415d47 in _cache_load ()
from /usr/pkg/lib/libnetsnmpagent.so.30
#15 0x00007f7ff5c5e5b3 in run_alarms () from /usr/pkg/lib/libnetsnmp.so.30
#16 0x00000000004047da in main ()
Program received signal SIGINT, Interrupt.
0x00007f7ff5c3b6a0 in snmp_oid_compare () from
/usr/pkg/lib/libnetsnmp.so.30
(gdb) where
#0 0x00007f7ff5c3b6a0 in snmp_oid_compare ()
from /usr/pkg/lib/libnetsnmp.so.30
#1 0x00007f7ff5c790aa in netsnmp_compare_netsnmp_index ()
from /usr/pkg/lib/libnetsnmp.so.30
#2 0x00007f7ff5c79d3e in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#3 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#4 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#5 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#6 0x00007f7ff5c79e43 in Sort_Array () from /usr/pkg/lib/libnetsnmp.so.30
#7 0x00007f7ff5c7a3c1 in _ba_find () from /usr/pkg/lib/libnetsnmp.so.30
#8 0x00007f7ff788eaba in _arp_hook_update ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#9 0x00007f7ff78b5277 in netsnmp_access_arp_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#10 0x00007f7ff788ee26 in inetNetToMediaTable_container_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#11 0x00007f7ff7415d47 in _cache_load ()
from /usr/pkg/lib/libnetsnmpagent.so.30
#12 0x00007f7ff5c5e5b3 in run_alarms () from /usr/pkg/lib/libnetsnmp.so.30
#13 0x00000000004047da in main ()
#0 0x00007f7ff5c3b6bb in snmp_oid_compare ()
from /usr/pkg/lib/libnetsnmp.so.30
#1 0x00007f7ff5c790aa in netsnmp_compare_netsnmp_index ()
from /usr/pkg/lib/libnetsnmp.so.30
#2 0x00007f7ff5c79dc4 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#3 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#4 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#5 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#6 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#7 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#8 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#9 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#10 0x00007f7ff5c79e43 in Sort_Array () from /usr/pkg/lib/libnetsnmp.so.30
#11 0x00007f7ff5c7a3c1 in _ba_find () from /usr/pkg/lib/libnetsnmp.so.30
#12 0x00007f7ff788eaba in _arp_hook_update ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#13 0x00007f7ff78b5277 in netsnmp_access_arp_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#14 0x00007f7ff788ee26 in inetNetToMediaTable_container_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#15 0x00007f7ff7415d47 in _cache_load ()
from /usr/pkg/lib/libnetsnmpagent.so.30
#16 0x00007f7ff5c5e5b3 in run_alarms () from /usr/pkg/lib/libnetsnmp.so.30
#17 0x00000000004047da in main ()
Program received signal SIGINT, Interrupt.
0x00007f7ff5c7909e in netsnmp_compare_netsnmp_index ()
from /usr/pkg/lib/libnetsnmp.so.30
(gdb) where
#0 0x00007f7ff5c7909e in netsnmp_compare_netsnmp_index ()
from /usr/pkg/lib/libnetsnmp.so.30
#1 0x00007f7ff5c79dc4 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#2 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#3 0x00007f7ff5c79e43 in Sort_Array () from /usr/pkg/lib/libnetsnmp.so.30
#4 0x00007f7ff5c7a3c1 in _ba_find () from /usr/pkg/lib/libnetsnmp.so.30
#5 0x00007f7ff788eaba in _arp_hook_update ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#6 0x00007f7ff78b5277 in netsnmp_access_arp_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#7 0x00007f7ff788ee26 in inetNetToMediaTable_container_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#8 0x00007f7ff7415d47 in _cache_load ()
from /usr/pkg/lib/libnetsnmpagent.so.30
#9 0x00007f7ff5c5e5b3 in run_alarms () from /usr/pkg/lib/libnetsnmp.so.30
#10 0x00000000004047da in main ()
(gdb) where
#0 0x00007f7ff5c3b6aa in snmp_oid_compare ()
from /usr/pkg/lib/libnetsnmp.so.30
#1 0x00007f7ff5c790aa in netsnmp_compare_netsnmp_index ()
from /usr/pkg/lib/libnetsnmp.so.30
#2 0x00007f7ff5c79d3e in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#3 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#4 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#5 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#6 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#7 0x00007f7ff5c79e43 in Sort_Array () from /usr/pkg/lib/libnetsnmp.so.30
#8 0x00007f7ff5c7a3c1 in _ba_find () from /usr/pkg/lib/libnetsnmp.so.30
#9 0x00007f7ff788eaba in _arp_hook_update ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#10 0x00007f7ff78b5277 in netsnmp_access_arp_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#11 0x00007f7ff788ee26 in inetNetToMediaTable_container_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#12 0x00007f7ff7415d47 in _cache_load ()
from /usr/pkg/lib/libnetsnmpagent.so.30
#13 0x00007f7ff5c5e5b3 in run_alarms () from /usr/pkg/lib/libnetsnmp.so.30
#14 0x00000000004047da in main ()
Program received signal SIGINT, Interrupt.
0x00007f7ff5c7909a in netsnmp_compare_netsnmp_index ()
from /usr/pkg/lib/libnetsnmp.so.30
(gdb) where
#0 0x00007f7ff5c7909a in netsnmp_compare_netsnmp_index ()
from /usr/pkg/lib/libnetsnmp.so.30
#1 0x00007f7ff5c79d3e in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#2 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#3 0x00007f7ff5c79e43 in Sort_Array () from /usr/pkg/lib/libnetsnmp.so.30
#4 0x00007f7ff5c7a3c1 in _ba_find () from /usr/pkg/lib/libnetsnmp.so.30
#5 0x00007f7ff788eaba in _arp_hook_update ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#6 0x00007f7ff78b5277 in netsnmp_access_arp_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#7 0x00007f7ff788ee26 in inetNetToMediaTable_container_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#8 0x00007f7ff7415d47 in _cache_load ()
from /usr/pkg/lib/libnetsnmpagent.so.30
#9 0x00007f7ff5c5e5b3 in run_alarms () from /usr/pkg/lib/libnetsnmp.so.30
#10 0x00000000004047da in main ()
Program received signal SIGINT, Interrupt.
0x00007f7ff5c3b695 in snmp_oid_compare () from
/usr/pkg/lib/libnetsnmp.so.30
(gdb) where
#0 0x00007f7ff5c3b695 in snmp_oid_compare ()
from /usr/pkg/lib/libnetsnmp.so.30
#1 0x00007f7ff5c790aa in netsnmp_compare_netsnmp_index ()
from /usr/pkg/lib/libnetsnmp.so.30
#2 0x00007f7ff5c79dc4 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#3 0x00007f7ff5c79da1 in array_qsort () from
/usr/pkg/lib/libnetsnmp.so.30
#4 0x00007f7ff5c79e43 in Sort_Array () from /usr/pkg/lib/libnetsnmp.so.30
#5 0x00007f7ff5c7a3c1 in _ba_find () from /usr/pkg/lib/libnetsnmp.so.30
#6 0x00007f7ff788eaba in _arp_hook_update ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#7 0x00007f7ff78b5277 in netsnmp_access_arp_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#8 0x00007f7ff788ee26 in inetNetToMediaTable_container_load ()
from /usr/pkg/lib/libnetsnmpmibs.so.30
#9 0x00007f7ff7415d47 in _cache_load ()
from /usr/pkg/lib/libnetsnmpagent.so.30
#10 0x00007f7ff5c5e5b3 in run_alarms () from /usr/pkg/lib/libnetsnmp.so.30
#11 0x00000000004047da in main ()
I tested two more break points. netsnmp_access_arp_load and
_arp_hook_update.
The breakpoint netsnmp_access_arp_load seems to be never reached. The
breakpoint _arp_hook_update is reached. A loop within
netsnmp_access_arp_load?
Regards
Uwe
Home |
Main Index |
Thread Index |
Old Index