crashes when SNMPv3 trap string has no data

[Easyfilecopy]

crashes when SNMPv3 trap string has no data

data center expert is a SE tool for data center monitioring.

with wireshark and send data center expert snmp trap, we could see a snmp trap without 1.3.6.1.4.1.5528.100.11.8: 1.3.6.1.4.1.5528.100.11.9:

This is okay when uses SNMPv1. But SNMPv3, it stops at net-snmp.

workaround fix:

.node-red\node_modules\net-snmp\index.js

            case ObjectType.OctetString:
                if (typeof value == "string")
                    buffer.writeString (value);
                else
                    //buffer.writeBuffer (value, ObjectType.OctetString);
                                            buffer.writeString ("");
                break;

[markabrahams]

Hi @Easyfilecopy - if you could read and follow the guidelines in CONTRIBUTING.md on what to include in a bug report - that would be great. In particular these points:

• Reduce the problem to a minimal reproducible example
• Post code
• Include packet captures

And including the full error message would help as well.

[Easyfilecopy]

To reproduce: Send DCE (data center expert) snmpv3 which contains empty SNMP string.

1.3.6.1.4.1.5528.100.11.8: (type is string but empty) 1.3.6.1.4.1.5528.100.11.9: (type is string but empty) This message is decrypted.

UDP encrypted message. You could send it by packet generator. Username: test. sha1/aes. password is 12345678. Recommend tool: PacketSenderPortable

308202510201033011020458fbe79e020300ffe304010702010304363034040e446172742e506f776572534e4d50020100020100040474657374040cd3e2628f7d3fd38c7f4cceec040849a8890fcd6f0788048201ffd679a7f164a324447dcb9132bbbf8f270fb3888f10b373fceee08311a3c2d6f55ea9003c2c9f36a6613887811caa23f58b20246d9926d81d0b690c32d735a19237e0c183dc158b79474fc42acc771bb9cbc2f38f41b6f94a778910d9d4b30aef641b2ea7e288790b1cb87900b83f12c714e14479e907a7fbf540800ef638e86fd824e3351b1eb5e93c37bf23b37c3a97e1faaa6fcc14c7a343baba18b0cf9addd7fa85fe233651e0ef80894f03c8a5568810f90c5e9103dee4521d2c2db006540a01771d7a414c59bfadfed5e72bfc576374305244c2a4952219163d87274dba0c26cb10f52c9e56143fc5d56f32f7bcfd6cc99c43b1a8df17d0d630bddcc2ddb77833b6aafc125ff8f646dc44d90af195b7068a7a3ca50823d88d251eb97093140832f6290b87162f50e0053224b39ee336cbaca222e20138d4555b432b1ed08cddace4909a78d8d65c02b33b53453431b5897d5d1e7a459d11b7e60426ed1633175aefdc16292e83126ca1f0f29f73f65a2749f8db1935bbcb95cd596a19205ebf0558ca352d00c403b291ffbd4d26f365741b498dfd06aeb5f0b2aa1e9c5245651fa5e42a7cc1ab543174b117dba9ba8dfb17bb683b6f72e5a449e59c4b83ac5f2fcfdade4fde6b4e79c29b95f3368eceee4ddf14167a13de7920b3d3bdde5ef83d580ae6865cae492b5e6a6938f935cbe6f1f9966d937861c8d6c360fd

Code

net-snmp\index.js

        case ObjectType.OctetString:
            if (typeof value == "string")
                buffer.writeString (value);
            else
                buffer.writeBuffer (value, ObjectType.OctetString); <-- crash here
            break;

Error:

AssertionError [ERR_ASSERTION]: The expression evaluated to a falsy value:

assert.ok(len)

at Writer._ensure (/home/pi/node_modules/asn1-ber/lib/ber/writer.js:298:9)
at Writer.writeBuffer (/home/pi/node_modules/asn1-ber/lib/ber/writer.js:157:7)
at writeVarbinds (/home/pi/node_modules/net-snmp/index.js:549:14)
at InformRequestPdu.SimplePdu.toBuffer (/home/pi/node_modules/net-snmp/index.js:616:2)
at Message.toBufferV3 (/home/pi/node_modules/net-snmp/index.js:1439:11)
at Message.toBuffer (/home/pi/node_modules/net-snmp/index.js:1346:15)
at Listener.send (/home/pi/node_modules/net-snmp/index.js:2829:23)
at Receiver.onMsg (/home/pi/node_modules/net-snmp/index.js:3153:17)
at Socket.emit (events.js:314:20)
at UDP.onMessage [as onmessage] (dgram.js:921:8) {

generatedMessage: true, code: 'ERR_ASSERTION', actual: 0, expected: true, operator: '==' }

[Easyfilecopy]

Username: test. sha1/aes. password is 12345678.

TEST.zip

[Easyfilecopy]

Test code to receive snmpv3.

var snmp = require ("net-snmp");

// Default options for v3 var options = { port: 165, disableAuthorization: false, accessControlModelType: snmp.AccessControlModelType.None, engineID: "8000B98380111111111111111111111111", // where the X's are random hex digits address: null, transport: "udp4" };

var callback = function (error, notification) { if ( error ) { console.error (error); } else { console.log (JSON.stringify(notification, null, 2)); } };

receiver = snmp.createReceiver (options, callback);

var user = { name: "test", level: snmp.SecurityLevel.authPriv, authProtocol: snmp.AuthProtocols.sha, authKey: "12345678", privProtocol: snmp.PrivProtocols.aes, privKey: "12345678" };

receiver.getAuthorizer().addUser(user);

[markabrahams]

Thanks for the additional info @Easyfilecopy. The error here was in dependent module "asn1-ber", which I also maintain. It didn't handle writing zero-length octet strings correctly. I've fixed this in version 1.1.2 of the "asn1-ber" npm.