[zeromq-dev] Vulnerability of devices to incoming messages
Pieter Hintjens
ph at imatix.com
Tue Aug 10 19:14:08 CEST 2010
Hi Benjamin,
Thanks for posting the test case, it makes it clear.
At the least the documentation for zmq_device(3) should state what
socket types are safe to use. Do any other socket types prepend an
identity apart from XREP?
-Pieter
On Tue, Aug 10, 2010 at 10:25 AM, Pieter Hintjens <ph at imatix.com> wrote:
> Benjamin,
>
> Could you provide a minimal test case that reproduces the problem, and
> perhaps file an issue on the github tracker, thanks.
>
> -Pieter
>
> On Tue, Aug 10, 2010 at 8:34 AM, MinRK <benjaminrk at gmail.com> wrote:
>> Hello,
>> I'm using ZMQ devices for parallel computing in IPython. One of our devices
>> is a Queue with XREQ on one side and XREP on the other. This model, like any
>> device where one socket requires an IDENT prefix (XREP), and the other does
>> not prepend a message (anything other than XREP), is vulnerable to invalid
>> messages. If the socket that is not XREP receives a single message, that
>> will be relayed to the XREP as a message with routing IDENTITY but no
>> content. This fails an assertion, and triggers SIGABRT, bringing down the
>> entire process.
>> It is a security concern for us that _incoming_ messages have the ability to
>> crash the device process. Are there any standard models or plans for ZMQ
>> devices that can survive invalid messages like this?
>> -MinRK
>
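The failure described in the quoted report comes from a frame reaching the XREP side with a routing identity and nothing after it. The following is an added example, not code from this thread or from ZeroMQ: a pure-Python model of a relay step that checks frame structure before anything is handed to the XREP side and drops what does not fit instead of aborting. It makes no ZeroMQ calls; `GuardedRelay`, `reject_reason`, the `send_to_xrep` hook and the 255-byte identity bound are assumptions for illustration.

```python
MAX_IDENTITY_LEN = 255  # assumed upper bound on a routing identity, in bytes


def reject_reason(frames):
    """Return None if `frames` is safe to hand to the XREP side, else why not."""
    if not frames:
        return "empty message"
    if len(frames) < 2:
        # The case from the thread: XREP would take the only frame as the
        # routing identity and be left with no content to send.
        return "identity frame with no content"
    if not 1 <= len(frames[0]) <= MAX_IDENTITY_LEN:
        return "identity length out of range"
    return None


class GuardedRelay:
    """Models the device's relay step from the non-XREP side to the XREP side."""

    def __init__(self, send_to_xrep):
        self.send_to_xrep = send_to_xrep  # hypothetical hook: takes a list of frames
        self.dropped = []                 # reasons, kept for logging and alerting

    def relay(self, frames):
        reason = reject_reason(frames)
        if reason is not None:
            self.dropped.append(reason)   # drop and record; never assert or abort
            return False
        self.send_to_xrep(list(frames))
        return True


def run_demo():
    forwarded = []
    relay = GuardedRelay(forwarded.append)
    constructed = [                       # constructed sample messages
        [b"client-7", b"", b"task result"],   # identity, delimiter, body
        [b"stray single frame"],              # the message shape from the report
        [b"", b"payload"],                    # zero-length identity
        [b"x" * 300, b"payload"],             # oversized identity
    ]
    results = [relay.relay(m) for m in constructed]
    return results, forwarded, relay.dropped


if __name__ == "__main__":
    print(run_demo())
```

In a real device the same check would sit between the receive on the non-XREP socket and the send on the XREP socket, with the drop counter exported for monitoring.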