[AGENT++] Agent++ handling SNMP requests that are too big

SCOTT Damien damien.scott at uk.thalesgroup.com
Wed Jun 12 15:01:50 CEST 2013 

Hi all,

There appear to be some issues with the way in which Agent++ handles SNMP requests that are 'too big' (i.e. exceed MAX_SNMP_PACKET).  I expected a GET-RESPONSE message with the error status set to 'TooBig'.

1) While using Agent++ v3.5.31, running on QNX (a POSIX-compliant OS), I noticed that I didn't receive a reply for SNMP requests that were too big.  The problem appears to be in Snmpx::receive() in snmp_pp_ext.cpp (see code excerpt below).

It looks like the 'community' and 'version' are set in the call to unload().  However, this unload() function is not called if receive_buffer_len exceeds MAX_SNMP_PACKET.  So for SNMP requests that are too big, the 'community' field is invalid and an authentication failure occurs.

Can anyone confirm that this is a problem, and whether or not it still exists in Agent++ v4.0?  I had a look at the v4.0 code and the above function still appears to return before unload() can be called if the received message is too big.  However, the way in which the calling code (RequestList::receive() in request.cpp) detects authentication failures has changed.  Does the new implementation return a GET-RESPONSE for SNMP requests that are too big?

2) There also appears to be a separate issue with the same piece of code running under Windows.  As I understand it, the call to recvfrom() will set receive_buffer_len to -1 if the received message is too big.  This means that SNMP_CLASS_TL_FAILED is returned instead of SNMP_ERROR_TOO_BIG.

Any help on either of these issues would be appreciated.

Thanks

Damien


     do
     {
       receive_buffer_len = (long)recvfrom(iv_snmp_session,
                                 (char *) receive_buffer,
                                 MAX_SNMP_PACKET, 0,
                                 (struct sockaddr*)&from_addr,
                                 &fromlen);
     } while (receive_buffer_len < 0 && EINTR == errno);

     if (receive_buffer_len <= 0 )        // error or no data pending
       return SNMP_CLASS_TL_FAILED;

     if (receive_buffer_len >= MAX_SNMP_PACKET)
       return SNMP_ERROR_TOO_BIG;

     // copy fromaddress and remote port
     char* addr = inet_ntoa (from_addr.sin_addr);
     fromaddr = addr;
     fromaddr.set_port(ntohs(from_addr.sin_port));

     debugprintf(1, "++ AGENT++: data received from %s.",
               fromaddr.get_printable());
     debughexprintf(5, receive_buffer, receive_buffer_len);

     snmpmsg.load(receive_buffer, receive_buffer_len);

     // return the status of unload method
     return snmpmsg.unload(pdu, community, version);

More information about the AGENTPP mailing list