pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkg/49860: DoS against snmpd on netbsd routers
On Sun, 26 Apr 2015, Joerg Sonnenberger wrote:
Can you ktrace it to see what it is doing? Does sockstat work fine? The
problem with net-snmp is that it is extremely messy code and quite a few
things are using kmem when they don't have to, so it is easy to hit race
conditions and the like.
I've never worked with ktrace. I have tested ktruss -p <pid snmpd>
The output at 100% CPU was as follows:
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
....
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd mmap(0, 0x100000, 0x3, 0x14001002, 0xffffffff, 0, 0)
= 0x7f7feeb00000
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
...
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd mmap(0, 0x100000, 0x3, 0x14001002, 0xffffffff, 0, 0)
= 0x7f7fee300000
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
...
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd mmap(0, 0x100000, 0x3, 0x14001002, 0xffffffff, 0, 0)
= 0x7f7fee200000
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
...
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd mmap(0, 0x100000, 0x3, 0x14001002, 0xffffffff, 0, 0)
= 0x7f7fedf00000
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
10754 1 snmpd __clock_gettime50(0x3, 0x7f7fffffd930) = 0
...
Does that help?
Regards
Uwe
Home |
Main Index |
Thread Index |
Old Index