[zeromq-dev] [PATCH] assert on 0 length messages

Dhammika Pathirana dhammika at gmail.com
Fri Aug 27 17:16:32 CEST 2010


Submitted under MIT/X11 license.
Is it possible to make this a mailing list policy?


diff --git a/src/zmq_decoder.cpp b/src/zmq_decoder.cpp
index 8e335c9..3b3e13b 100644
--- a/src/zmq_decoder.cpp
+++ b/src/zmq_decoder.cpp
@@ -55,6 +55,7 @@ bool zmq::zmq_decoder_t::one_byte_size_ready ()
    else {

        //  TODO:  Handle over-sized message decently.
+        errno_assert (*tmpbuf != 0);

        //  in_progress is initialised at this point so in theory we should
        //  close it before calling zmq_msg_init_size, however, it's a 0-byte




On Fri, Aug 27, 2010 at 3:27 AM, Pieter Hintjens <ph at imatix.com> wrote:
> Dhammika,
>
> Thanks for this patch.  Can you please (and sorry for the double
> effort) repost this and state that you license it under MIT/X11?  Even
> a 1-line fix needs to be properly handled.
>
> We really need a better way to organize patches IMO...
>
> -Pieter
>
> On Fri, Aug 27, 2010 at 10:22 AM, Dhammika Pathirana <dhammika at gmail.com> wrote:
>> Hi,
>>
>> On receiving a new message, decoder inits a msg with size (*tmpbuf - 1).
>> But a sender can craft a message such that *tmpbuf is 0 (ie.
>> zmq::message_t msg((size_t)-1)).
>> This creates a remote memory corruption in the receiver.
>>
>> Patch is a temporary fix, we need a better way to handle malformed messages.
>>
>>
>> Dhammika
>>
>>
>> diff --git a/src/zmq_decoder.cpp b/src/zmq_decoder.cpp
>> index 8e335c9..3b3e13b 100644
>> --- a/src/zmq_decoder.cpp
>> +++ b/src/zmq_decoder.cpp
>> @@ -55,6 +55,7 @@ bool zmq::zmq_decoder_t::one_byte_size_ready ()
>>     else {
>>
>>         //  TODO:  Handle over-sized message decently.
>> +        errno_assert (*tmpbuf != 0);
>>
>>         //  in_progress is initialised at this point so in theory we should
>>         //  close it before calling zmq_msg_init_size, however, it's a 0-byte
>> _______________________________________________
>> zeromq-dev mailing list
>> zeromq-dev at lists.zeromq.org
>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>>
>>
>
>
>
> --
> -
> Pieter Hintjens
> iMatix - www.imatix.com
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>



More information about the zeromq-dev mailing list