From fe6f1a998b92eaf2abdfab0973d16d28a79212f6 Mon Sep 17 00:00:00 2001 From: martijn Date: Tue, 24 Oct 2023 14:02:52 +0000 Subject: [PATCH] When opening 2 sessions on an agentx connection and registering 2 overlapping regions on the different sessions, e.g. by differing in priority and we close the underlying connection with an outstanding request to the dominant region we will call appl_agentx_free(), which sequentially closes all sessions. If the session with the outstanding request is closed before the second session the request is retried before said session is cleaned up and it will try to send it over a conn_ax which at that point has been set to NULL, resulting in a SIGSEGV. Simply return early and let this second request be cancelled by the cleanup of the second session. OK tb@ --- usr.sbin/snmpd/application_agentx.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/usr.sbin/snmpd/application_agentx.c b/usr.sbin/snmpd/application_agentx.c index 98a7c57f87f..594ef09f3d9 100644 --- a/usr.sbin/snmpd/application_agentx.c +++ b/usr.sbin/snmpd/application_agentx.c @@ -1,4 +1,4 @@ -/* $OpenBSD: application_agentx.c,v 1.10 2023/10/24 13:41:16 martijn Exp $ */ +/* $OpenBSD: application_agentx.c,v 1.11 2023/10/24 14:02:52 martijn Exp $ */ /* * Copyright (c) 2022 Martijn van Duren * @@ -712,6 +712,9 @@ appl_agentx_get(struct appl_backend *backend, int32_t transactionid, struct ax_searchrange *srl; size_t i, j, nsr; + if (session->sess_conn->conn_ax == NULL) + return; + for (nsr = 0, vb = vblist; vb != NULL; vb = vb->av_next) nsr++; @@ -760,6 +763,9 @@ appl_agentx_getnext(struct appl_backend *backend, int32_t transactionid, struct ax_searchrange *srl; size_t i, j, nsr; + if (session->sess_conn->conn_ax == NULL) + return; + for (nsr = 0, vb = vblist; vb != NULL; vb = vb->av_next) nsr++; -- 2.20.1