[SNMP4J] Problems in DefaultTcpTransportMapping when receiving fragmented header

Frank Fock fock at agentpp.com
Tue Jan 26 08:48:11 CET 2016 

Ji Bruno,

Sorry for the typo in the salutation. It was probably too late :-)
Many thanks for your valuable feedback though. When I wrote the
initial version I could not image that the first 6 bytes of the TCP
message could get fragmented (because the size of the message
should have been determined in one go)! 
You never stop learning ;-)

Best regards,
Frank


> On 26 Jan 2016, at 01:39, Frank Fock <fock at agentpp.com> wrote:
> 
> Hi Michal,
> 
> The latest 2.4.2 snapshot now contains the two fixes for the below described issues.
> However, for the second issue I implemented a different approach in order to
> optimize buffer usage and minimize buffer copy operations while making sure
> not more data is read then the (checked) message length determines.
> 
> Best regards,
> Frank
> 
> Am 25.01.2016 um 22:29 schrieb Bruno Filipe Basilio:
>>> I have fixed this issue in the latest SNMP4J 2.4.2 snapshot release.
>>> Your fix, seemed to be not complete (it covers not all kind of fragmentations).
>>> So I developed a more general fix.
>> Thank you for your input.
>> I've tested your fix and hit some other issues, see details bellow.
>> Please check the following changes that seem to fix the issues in our tested scenario.
>> 
>> --- old/org/snmp4j/transport/DefaultTcpTransportMapping.java    2016-01-24 23:49:26.000000000 +0000
>> +++ new/org/snmp4j/transport/DefaultTcpTransportMapping.java    2016-01-25 20:26:28.671899400 +0000
>> @@ -524,14 +558,16 @@ public class DefaultTcpTransportMapping
>>      public MessageLength getMessageLength(ByteBuffer buf) throws IOException {
>>        MutableByte type = new MutableByte();
>>        BERInputStream is = new BERInputStream(buf);
>> -      int ml = BER.decodeHeader(is, type);
>> +      int ml = BER.decodeHeader(is, type, false);
>>        int hl = (int)is.getPosition();
>>        MessageLength messageLength = new MessageLength(hl, ml);
>>        return messageLength;
>> @@ -1199,14 +1241,17 @@ public class DefaultTcpTransportMapping
>> 
>>    private void addBufferToReadBuffer(SocketEntry entry, ByteBuffer byteBuffer) {
>>      int buflen = byteBuffer.position();
>> +    int buflimit = byteBuffer.limit();
>>      if (entry.getReadBuffer() != null) {
>>        entry.getReadBuffer().put(byteBuffer.array(), 0, buflen);
>>      }
>>      else {
>> -      byte[] message = new byte[byteBuffer.limit()];
>> +      byte[] message = new byte[byteBuffer.capacity()];
>>        byteBuffer.flip();
>>        byteBuffer.get(message, 0, buflen);
>>        ByteBuffer newBuffer = ByteBuffer.wrap(message);
>> +      newBuffer.limit(buflimit);
>>        newBuffer.position(buflen);
>>        entry.setReadBuffer(newBuffer);
>>      }
>> 
>> *Issue 1*:  Message length decoding in header fails when checking message length
>> Logs:
>> 2016-01-25 09:42:38,324-0700 [DEBUG|DefaultTcpTransportMapping$ServerThread] (DefaultTcpTransportMapping.java:1034) Reading header 9 bytes from 172.26.50.120/4001
>> 2016-01-25 09:42:38,402-0700 [DEBUG|DefaultTcpTransportMapping$ServerThread] (DefaultTcpTransportMapping.java:1001) Read 1 bytes from 172.26.50.120/4001
>> 2016-01-25 09:42:38,402-0700 [WARN|DefaultTcpTransportMapping$ServerThread] (DefaultTcpTransportMapping.java:854) java.io.IOException: The encoded length 127 exceeds the number of bytes left in input at position 6 which actually is 10
>> 2016-01-25 09:42:38,402-0700 [DEBUG|TcpTransportMapping] (TcpTransportMapping.java:133) Firing transport state event: org.snmp4j.transport.TransportStateEvent[source=org.snmp4j.transport.DefaultTcpTransportMapping at 14aa6c3,peerAddress=172.26.50.120/4001,newState=2,cancelled=false,causingException=java.io.IOException: The encoded length 127 exceeds the number of bytes left in input at position 6 which actually is 10]
>> 
>> *Issue 2*: Read buffer capacity definition fail after fixing issue 1
>> Logs:
>> 2016-01-25 12:13:15,480-0700 [DEBUG|DefaultTcpTransportMapping$ServerThread] (DefaultTcpTransportMapping.java:1034) Reading header 1 bytes from 172.26.50.120/4001
>> 2016-01-25 12:13:15,551-0700 [DEBUG|DefaultTcpTransportMapping$ServerThread] (DefaultTcpTransportMapping.java:1001) Read 9 bytes from 172.26.50.120/4001
>> 2016-01-25 12:13:15,551-0700 [DEBUG|DefaultTcpTransportMapping$ServerThread] (DefaultTcpTransportMapping.java:1074) Message length is org.snmp4j.transport.MessageLength[headerLength=6,payloadLength=130]
>> 
>> std-out:
>> Exception in thread "DefaultTCPTransportMapping_10.170.0.12/0" java.lang.IllegalArgumentException
>>         at java.nio.Buffer.limit(Buffer.java:267)
>>         at org.snmp4j.transport.DefaultTcpTransportMapping$ServerThread.readSnmpMessagePayload(DefaultTcpTransportMapping.java:1092)
>>         at org.snmp4j.transport.DefaultTcpTransportMapping$ServerThread.readMessage(DefaultTcpTransportMapping.java:1011)
>>         at org.snmp4j.transport.DefaultTcpTransportMapping$ServerThread.run(DefaultTcpTransportMapping.java:838)
>>         at java.lang.Thread.run(Thread.java:724)
>> 
>> Best regards,
>> Bruno
>> 
>> 
>> Bruno Filipe Basílio
>> Departamento de Investigação, Desenvolvimento e Inovação
>> 
>> Tel: (+351) 214233436
>> 
>> http://www.brisainovacao.pt
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> --------------------------------------------------------------------------------
>> 
>> Declaração:
>> A informação contida nesta mensagem, e os ficheiros anexos, é privilegiada e confidencial, destinando-se exclusivamente ao(s) destinatário(s).Se não é o destinatário (ou o responsável pela sua entrega ao destinatário) e recebeu a mesma por engano, fica notificado que é estritamente proibido reproduzir, guardar ou distribuir toda ou qualquer parte desta mensagem e ficheiros anexos. Por favor reencaminhe a mensagem para o responsável pelo seu envio ou contacte-nos por telefone e elimine a mensagem e ficheiros anexos do seu computador, sem os reproduzir.
>> 
>> Disclaimer:
>> The information contained in this message, and any files attached, is privileged and confidential, and intended exclusively for the included addresses. If you are not the intended recipient (or the person responsible for delivering to the intended recipient) and received this message by mistake, be aware that copy, storage, distribution or any other use of all or part of this message and the files attached is strictly prohibited. Please notify the sender by reply e-mail or contact us by telephone and delete this message and the files attached, without retaining a copy.
>> 
>> --------------------------------------------------------------------------------
>> 
>> _______________________________________________
>> SNMP4J mailing list
>> SNMP4J at agentpp.org
>> https://oosnmp.net/mailman/listinfo/snmp4j
> 
> -- 
> ---
> AGENT++
> Maximilian-Kolbe-Str. 10
> 73257 Koengen, Germany
> https://agentpp.com
> Phone: +49 7024 8688230
> Fax:   +49 7024 8688231
> 
> _______________________________________________
> SNMP4J mailing list
> SNMP4J at agentpp.org
> https://oosnmp.net/mailman/listinfo/snmp4j

More information about the SNMP4J mailing list