[Ace-users] [ace-bugs] [asnmp]: [agent PDU receiving bug]

Artem Nikitin nikitin at komset.ru
Thu Jan 31 23:30:30 CST 2008


ACE VERSION: 5.5, released Sun Mar 05 11:10:32 2006.

HOST MACHINE and OPERATING SYSTEM:
     MS Windows 2000, WINSOCK 2.0 (Product version 5.00.2195.6601 and
     5.2.3790.3959)
     
TARGET MACHINE and OPERATING SYSTEM, if different from HOST: -
COMPILER NAME AND VERSION (AND PATCHLEVEL):
   C++ compiler MS Visual Studio.NET 2003 (with SP1)

AREA/CLASS/EXAMPLE AFFECTED: asnmp library, sagent class

DOES THE PROBLEM AFFECT: EXECUTION

SYNOPSIS: PDU receiving bug

DESCRIPTION:
I work with the asnmp library and the "sagent" class to create my simple SNMP agent.

I got a non-null ('\0') terminated string when receiving a PDU from the manager in the
"get_community" method of the "wpdu" class. My call stack was damaged.

REPEAT BY:
....
 char rcv_com_str[MAX_COMM_STR_LEN];
 transaction tr(_snmp_session_);
 tr.handle_input(fd);
 if (tr.result(pdu_, rcv_com_str) < 0)  // damaging call
    return 0;
....


// return pdu to caller
int transaction::result(Pdu& pdu, char *comm_str, ACE_INET_Addr *from)
{
  // TODO: check to see the sender matches the receiver address..

  // remove any vbs existing in this pdu
  pdu.delete_all_vbs();

  // any data to return?
  if (receive_iovec_.iov_len == 0)
    return -1;

  wpdu tmp(receive_iovec_);

  snmp_version ver;

  // return comm str and from address of incoming pdu if requested
  int rc = tmp.get_pdu(pdu, ver);
  if (comm_str)
    // get_community() data is not '\0'-terminated here, so strcpy runs past it
    strcpy(comm_str, (char *)tmp.get_community());
  if (from)
    *from = receive_addr_;
  return rc;
}

SAMPLE FIX/WORKAROUND:

wpdu.cpp file:

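void wpdu::get_community(char* target) const
{
  // strncpy copies at most comm_len bytes and appends no '\0' when
  // community_name has none within them; the caller still has to
  // terminate target before using it as a C string.
  strncpy(target, community_name, comm_len);
}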
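
An added example, not part of the original post and not ACE code: it shows on a constructed buffer that a strncpy bounded by the community length leaves the destination unterminated, and gives one way to copy a length-delimited community into a C string. The names copy_community, strncpy_terminates, COMM_BUF_LEN and the sample bytes are assumptions made for the illustration; it goes slightly beyond the report by also rejecting a community that contains an embedded '\0'.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define COMM_BUF_LEN 16 /* example size only, stands in for MAX_COMM_STR_LEN */

/* Constructed sample: the community bytes "public" followed directly by
 * other packet bytes, as in a receive buffer. There is no '\0' anywhere. */
static const unsigned char SAMPLE[] = { 'p','u','b','l','i','c', 0xA0, 0x1C };
static const size_t SAMPLE_COMM_LEN = 6;

/* Returns 1 if strncpy(dst, src, len) left dst terminated at dst[len]. */
int strncpy_terminates(const unsigned char *src, size_t len)
{
    char dst[COMM_BUF_LEN];
    if (len >= sizeof dst)
        return 0;
    memset(dst, 'X', sizeof dst);         /* stand-in for stale stack data */
    strncpy(dst, (const char *)src, len); /* adds no '\0' if src has none */
    return dst[len] == '\0';
}

/* Hypothetical helper: copy a length-delimited community into a C string.
 * Returns the length copied, or -1 (dst set to "") if it cannot be
 * represented: no room for the terminator, or an embedded '\0'. */
int copy_community(char *dst, size_t dst_size,
                   const unsigned char *community, size_t comm_len)
{
    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';
    if (community == NULL || comm_len >= dst_size)
        return -1;
    if (memchr(community, '\0', comm_len) != NULL)
        return -1;
    memcpy(dst, community, comm_len);
    dst[comm_len] = '\0';
    return (int)comm_len;
}

int main(void)
{
    char buf[COMM_BUF_LEN];
    printf("strncpy terminated: %d\n",
           strncpy_terminates(SAMPLE, SAMPLE_COMM_LEN));
    printf("copy_community: %d \"%s\"\n",
           copy_community(buf, sizeof buf, SAMPLE, SAMPLE_COMM_LEN), buf);
    return 0;
}
```

The helper refuses a community that does not fit instead of truncating it, so a caller comparing community strings never sees a shortened value.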


