[AGENT++] SNMP++ bug

Jochen Katz katz at agentpp.com
Tue Jan 31 23:23:06 CET 2006 

Hi,

> I guess there is a bug in snmp++ library. In a file uxsnmp.cpp in
> receive_snmp_notification function there is an instruction like below:
> 
> if (receive_buffer_len <= 0 )                // error or no data pending
>     return SNMP_CLASS_TL_FAILED;

I assume that this = is there because of the documentation of
recvfrom(): "These calls return the number of bytes received, or -1 if
an error occurred. The return value will be 0 when the peer has
performed an orderly shutdown."

As an UDP peer cannot be sut down, zero will never be returned to
indicate transport level failure. So (if there isn't any network guru,
who objects) I will change this to:

 if (receive_buffer_len < 0 )
     return SNMP_CLASS_TL_FAILED;

Zero length packets will then cause a parse error and won't trigger a
false callback with transport level failure.

> if (SNMP_CLASS_SUCCESS == status ||
>  SNMP_CLASS_TL_FAILED == status) {

> I checked what happens when I send an empty UDP datagram to the trap port.
> When I did the library crashed on the bolded line.

As your message was plain text, there is no bolded line, and I just
rechecked: zero sized packets don't trigger a crash (at least not for me).

Please try with the receive_trap consoleExample, and if this crashes
too, tell us where.

I found one point, where it is possible to trigger a crash: If a Snmp
object is added directly to the CNotifyEventQueue (this is an illegal
action) and not over Snmp::notify_register(). The callback function of
Snmp object is not set and CNotifyEvent::Callback() does not check for a
null callback function  pointer...

> What for we call Callback
> function when we received an empty UDP datagram or if there was an error in
> communication? I would remove a condition "||
>  SNMP_CLASS_TL_FAILED == status" from if statement. I did it and it seems
> that everything works correctly but I'd like to be sure that. Thanks for
> opinions and help

Removing the SNMP_CLASS_TL_FAILED check will result in an application
that is not notified if the network layer breaks.

Regards,
  Jochen

More information about the AGENTPP mailing list