This is the mail archive of the
ecos-discuss@sourceware.org
mailing list for the eCos project.
Re: Re: SNMP lockup
On Fri, May 08, 2009 at 10:05:13PM +0000, Grant Edwards wrote:
> >> It appears that in mibgroup/mibII/interfaces.c, the call to
> >>
> >> cyg_snmp_get_if(if_num)
> >>
> >> with if_num==0 never returns.
> >
> > struct ifnet *cyg_snmp_get_if(int if_num) {
> > int index = 0;
> > struct ifnet *ifp;
> >
> > do {
> > while(0 == ifnet_addrs[index])
> > index++;
> >
> > ifp = ifnet_addrs[index]->ifa_ifp;
> >
> > if_num--;
> > index++;
> > } while (if_num);
> >
> > return ifp;
> > }
> >
> > If the above code is called with if_num==0, won't it decrement
> > it to -1, and then loop 2^32 times before giving up?
>
> It also mis-handles negative values in a similar manner.
>
> Adding a check seems to fix things:
>
> struct ifnet *cyg_snmp_get_if(int if_num) {
> int index = 0;
> struct ifnet *ifp;
>
> if (if_num <= 0)
> return NULL;
>
> do {
>
> [...]
>
> It should also probably check to make sure index doesn't go off
> then end of if_addrs[] when large positive numbers are passed.
> Perhaps something like this:
>
> struct ifnet *cyg_snmp_get_if(int if_num)
> {
> int index = 0;
> struct ifnet *ifp;
>
> if (if_num == 0)
> return NULL;
>
> do
> {
> while (0 == ifnet_addrs[index] && index < if_index)
> index++;
>
> if (index >= if_index)
> return NULL;
>
> ifp = ifnet_addrs[index]->ifa_ifp;
>
> if_num--;
> index++;
> }
> while (if_num);
>
> return ifp;
> }
>
Hi
If your guess is right... Can you walk here with/without tweaks when if_num=0
repo/devo/ecos/packages/net/snmp/agent/current/src/mibgroup/mibII/interfaces.c:398
(CVS HEAD sources)
Sergei
--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss