Ubuntu
net-snmp package

Merge ~ahasenack/ubuntu/+source/net-snmp:focal-snmp-double-free-2012926 into ubuntu/+source/net-snmp:ubuntu/focal-devel

  1. Git
  2. lp:~ahasenack/ubuntu/+source/net-snmp
  3. focal-snmp-double-free-2012926
  4. Merge into ubuntu/focal-devel
Proposed by Andreas Hasenack
Status: Merged
Approved by: git-ubuntu bot
Approved revision: not available
Merged at revision: c9c7d7288ea02d39599a07ae48565d6da1d9530f
Proposed branch: ~ahasenack/ubuntu/+source/net-snmp:focal-snmp-double-free-2012926
Merge into: ubuntu/+source/net-snmp:ubuntu/focal-devel
Diff against target: 207 lines (+167/-0)
6 files modified
debian/changelog (+14/-0)
debian/patches/double-free-agentx_got_response.patch (+36/-0)
debian/patches/double-free-delegated-cache.patch (+33/-0)
debian/patches/double-free-failed-transport.patch (+40/-0)
debian/patches/double-free-when-NETSNMP_CALLBACK_OP_RESEND-is-set.patch (+40/-0)
debian/patches/series (+4/-0)
Reviewer Review Type Date Requested Status
git-ubuntu bot Approve
Sergio Durigan Junior (community) Approve
Canonical Server Reporter Pending
Review via email: mp+445445@code.qastaging.launchpad.net

Description of the change

Multiple double free fixes for net-snmp in focal.

The easiest and most reliable way to reproduce the snmpd crash was to use a custom agentx subagent in python and inject an artificial delay just over the snmpd agentx timeout of 1s.

Testing instructions are in the bug.

PPA: https://launchpad.net/~ahasenack/+archive/ubuntu/net-snmp-double-free/

The DEP8 test is trivial/superficial, I ran it once but didn't bother in keeping it up-to-date with my PPA iterations.

To post a comment you must log in.
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Thanks, Andreas.

Package builds fine. dep8 is too superficial to be considered useful here, as you said. I verified each patch, did some investigation to make sure that they are minimally correct, and everything seems OK. As you said, there are other commits fixing double frees in the repository, but they're unrelated to agentx.

A small comment about the PPA: you did not enable all architectures there. I really think it's useful to at least make sure nothing strange happens when building on other arches, especially if it's an SRU like this one.

So, in a nutshell: LGTM assuming that the package builds fine on all supported architectures. +1

review: Approve
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Agreed wrt ppa, enabled the remaining arches and triggered a rebuild.

Revision history for this message
git-ubuntu bot (git-ubuntu-bot) wrote :

Approvers: ahasenack, sergiodj
Uploaders: ahasenack, sergiodj
MP auto-approved

review: Approve
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Builds in other arches are green, (superficial) tests are also green. Uploading:

Uploading net-snmp_5.8+dfsg-2ubuntu2.8.dsc
Uploading net-snmp_5.8+dfsg-2ubuntu2.8.debian.tar.xz
Uploading net-snmp_5.8+dfsg-2ubuntu2.8_source.buildinfo
Uploading net-snmp_5.8+dfsg-2ubuntu2.8_source.changes

There was an error fetching revisions from git servers. Please try again in a few minutes. If the problem persists, contact Launchpad support.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
The diff is not available at this time. You can reload the page or download it.

Subscribers

People subscribed via source and target branches