search

etingof / pysnmp

Python SNMP library
http://snmplabs.com/pysnmp/
BSD 2-Clause "Simplified" License
583 stars 200 forks source link

Leak in VACM context table #149

Open optimosfet opened 6 years ago

optimosfet commented 6 years ago

Hi Ilya,

are there any considerations from your side to fix the following leak? https://github.com/etingof/pysnmp/blob/0ab27d2c38559e81f480d264a7b0f1ccc854c675/pysnmp/entity/config.py#L451

Regards, Andreas

etingof commented 6 years ago

Hey, thanks for your nitpicking! ;-)

Do you actually notice this leak? It leaks noticeably when you register a whole lot of different context names.

The problem here is that SNMP-VIEW-BASED-ACM-MIB::vacmContextTable does not define RowStatus column which would let us remove the unwanted rows. Perhaps we could add that column into the Python module and introduce the delContext() call accordingly.

But my question is if there is actually a use-case where it makes a difference?

optimosfet commented 6 years ago

Hi Ilya,

I actually got in to trouble with this leak. I recently sent you an email with my application description on March 28th. Maybe you remember the SNMP agent proxy ...

The proxy is an accessor for IoT nodes in a meshed network topology. The nodes appear dynamically using some kind of IPv6 neighbor discovery. Each node has an UID, which is used also as SNMP context identifier.

If now a branch of the network is removed, the VACM and related entries are remaining in the MIB tree...

etingof commented 6 years ago

Let's try #155, the same fix is also committed to the 4.4.5 branch.

optimosfet commented 6 years ago

Thanks, this helps to get rid of outdated context table entries.

The next potentially leaky code section might be in addVacmUser(...), resp. delVacmUser(...). The latter has no parameter for the context name, which is why the entries in the VACM Access Table are not completely cleared.