[Ace-users] [ace-bugs] [asnmp]: [agent PDU receiving bug]

Steve Huston shuston at riverace.com
Tue Feb 12 10:13:56 CST 2008 

Hi Artem,

I had a look at this issue briefly. The wpdu class already adds a 0
terminator to the community string, so it's not clear how you're app
is running into a non-terminated string. If you can narrow the source
of the non-terminated, or corrupted, string, that would be helpful.

-Steve

--
Steve Huston, Riverace Corporation
Want to take ACE training on YOUR schedule?
See http://www.riverace.com/training.htm


> -----Original Message-----
> From: ace-bugs-bounces at cse.wustl.edu 
> [mailto:ace-bugs-bounces at cse.wustl.edu] On Behalf Of Artem Nikitin
> Sent: Friday, February 01, 2008 12:31 AM
> To: ace-bugs at cs.wustl.edu
> Subject: [ace-bugs] [asnmp]: [agent PDU receiving bug]
> 
> 
> ACE VERSION: 5.5, released Sun Mar 05 11:10:32 2006.
> 
> HOST MACHINE and OPERATING SYSTEM:
>      MS Windows 2000, WINSOCK 2.0 (Product version 5.00.2195.6601
and
>      5.2.3790.3959)
>      
> TARGET MACHINE and OPERATING SYSTEM, if different from HOST: -
> COMPILER NAME AND VERSION (AND PATCHLEVEL):
>    C++ compiler MS Visual Studio.NET 2003 (with SP1)
> 
> AREA/CLASS/EXAMPLE AFFECTED: asnmp library, sagent class
> 
> DOES THE PROBLEM AFFECT:EXECUTION
> 
> SYNOPSIS: PDU receiving bug
> 
> DESCRIPTION:
> I work with asnmp
> library and "sagent" class for creating my simple SNMP agent.
> 
> I got non-null('\0') terminated string when receive PDU from 
> manager in the
> "get_community" method of "wpdu" class. My call stack was damaging.
> 
> REPEAT BY:
> ....
>  char rcv_com_str[MAX_COMM_STR_LEN];
>  transaction tr(_snmp_session_);
>  tr.handle_input(fd);
>  if (tr.result(pdu_, rcv_com_str) < 0)  // damaging call
>     return 0;
> ....
> 
> 
> // return pdu to caller
> int transaction::result(Pdu& pdu, char *comm_str, ACE_INET_Addr
*from)
> {
>   // TODO: check to see the sender matches the receiver address..
> 
>   // remove any vbs existing in this pdu
>   pdu.delete_all_vbs();
> 
>  // any data to return?
>  if (receive_iovec_.iov_len == 0)
>    return -1;
> 
>  wpdu tmp(receive_iovec_);
> 
>  snmp_version ver;
> 
>  // return comm str and from address of incomming pdu if requested
>  int rc = tmp.get_pdu(pdu, ver);
>  if (comm_str) 
>    strcpy(comm_str, (char *)tmp.get_community());
>  if (from)
>   *from = receive_addr_;
>  return rc;
> }
> 
> SAMPLE FIX/WORKAROUND:
> 
> wpdu.cpp file:
> 
> void wpdu::get_community(char* target) const
> {
>   strncpy(target, community_name, comm_len);
> }
> 
> _______________________________________________
> ace-bugs mailing list
> ace-bugs at mail.cse.wustl.edu
> http://mail.cse.wustl.edu/mailman/listinfo/ace-bugs
>

More information about the Ace-users mailing list