I think there is an error in the function smiFreeData in lib/data.c. For a MIB of mine, smidump had a segmentation fault there, while the memory was being freed on exit. The code is:
if (objectPtr->typePtr) { if ((objectPtr->typePtr->export.basetype == SMI_BASETYPE_OCTETSTRING || objectPtr->typePtr->export.basetype == SMI_BASETYPE_BITS)) { smiFree(objectPtr->export.value.value.ptr);
It seems to be the case that for SMI_BASETYPE_OCTETSTRING, the contents is not a pointer, but an integer, and shouldn't be freed with smiFree. Then the correct code would be:
if (objectPtr->typePtr) { if ((objectPtr->typePtr->export.basetype == SMI_BASETYPE_OCTETSTRING)) { smiFree(objectPtr->export.value.value.ptr);
Hi Arndt,
Arndt Jonasson wrote:
I think there is an error in the function smiFreeData in lib/data.c. For a MIB of mine, smidump had a segmentation fault there, while the memory was being freed on exit. The code is:
if (objectPtr->typePtr) { if ((objectPtr->typePtr->export.basetype == SMI_BASETYPE_OCTETSTRING || objectPtr->typePtr->export.basetype == SMI_BASETYPE_BITS)) { smiFree(objectPtr->export.value.value.ptr);It seems to be the case that for SMI_BASETYPE_OCTETSTRING, the contents is not a pointer, but an integer, and shouldn't be freed with smiFree. Then the correct code would be:
if (objectPtr->typePtr) { if ((objectPtr->typePtr->export.basetype == SMI_BASETYPE_OCTETSTRING)) { smiFree(objectPtr->export.value.value.ptr);
In case of "BITS" (I guess you meant SMI_BASETYPE_BITS instead of SMI_BASETYPE_OCTETSTRING) the "value" may contain a DEFVAL value, which is stored in a malloc()ed storage that has to be freed. To get a better understanding of what goes wrong in your case, could you please send me your MIB (or a shrinked down MIB which still raises a segfault) in a private mail?
-frank
Frank Strauß wrote:
Hi Arndt,
Arndt Jonasson wrote:
I think there is an error in the function smiFreeData in lib/data.c. For a MIB of mine, smidump had a segmentation fault there, while the memory was being freed on exit. The code is:
if (objectPtr->typePtr) { if ((objectPtr->typePtr->export.basetype == SMI_BASETYPE_OCTETSTRING || objectPtr->typePtr->export.basetype == SMI_BASETYPE_BITS)) { smiFree(objectPtr->export.value.value.ptr);It seems to be the case that for SMI_BASETYPE_OCTETSTRING, the contents is not a pointer, but an integer, and shouldn't be freed with smiFree. Then the correct code would be:
if (objectPtr->typePtr) { if ((objectPtr->typePtr->export.basetype == SMI_BASETYPE_OCTETSTRING)) { smiFree(objectPtr->export.value.value.ptr);In case of "BITS" (I guess you meant SMI_BASETYPE_BITS instead of SMI_BASETYPE_OCTETSTRING) the "value" may contain a DEFVAL value, which is stored in a malloc()ed storage that has to be freed. To get a better understanding of what goes wrong in your case, could you please send me your MIB (or a shrinked down MIB which still raises a segfault) in a private mail?
-frank
Meanwhile, Arndt helped me to reproduce an error with DEFVALs given in a (octet) string notation while the object-type to which they are applied has a SYNTAX of "BITS". I've fixed this bug, so that an error message is now printed in this case and the DEFVAL is ignored. The new code is available from the SVN repository.
Thanks Arndt, for pointing this out.
-frank
participants (2)
-
Arndt Jonasson -
Frank Strauß