[zeromq-dev] nmap patch for github issues 147+149 (nmap)

Thijs Terlouw thijsterlouw at gmail.com
Mon Jan 17 10:04:30 CET 2011


Hi Martin,

This patch solves the crashes I was seeing when I ran nmap against a
range of listening ZeroMQ sockets (github issues 147 + 149).
I'm not sure if I patched it correctly (for example the want_terminate
boolean in zmq_engine_t is a bit of a hack), but at least this works
for me and in the worst case it can give you some ideas how to solve
it correctly.

There were two separate issues:
1. zmq_engine_t::error() assumed it was plugged in
 - it appears to be valid to be in an unplugged state and call the
error() function in the in_event() function

2. zmq_engine_t::error() deleted itself, which led to a dangling pointer
and virtual function call in session_t
 - zmq_init_t dispatches the ephemeral engine
 - zmq_init_t send_attach()
 - ephemeral engine encounters an error, deletes itself
 - session_t process_attach tries to plug the (already destructed)
engine back in

If you want to use the patch, it's supplied under LGPL :)

Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nmap-patch-thijsterlouw.patch
Type: application/octet-stream
Size: 3161 bytes
Desc: not available
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20110117/ce74ada6/attachment.obj>
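
The lifetime problem described in the message above, as an added example that is not part of the original post, the attached patch, or the ZeroMQ source. It is a simplified model: the class names and the `want_terminate` flag echo the email, but every member and all logic here are assumptions about one way to defer destruction to the owner instead of calling `delete this`.

```cpp
// Added illustration: simplified model, NOT ZeroMQ source code.
// Names echo the email; members and logic are assumptions.
#include <memory>
#include <utility>

struct Engine {
    bool plugged = false;
    bool want_terminate = false;   // set instead of `delete this`
    static int live;               // live-instance counter for the demo
    Engine() { ++live; }
    ~Engine() { --live; }

    void plug() { plugged = true; }
    void unplug() { plugged = false; }

    // Issue 1: error() can run while the engine is not plugged in,
    // so unplugging is conditional.
    // Issue 2: error() must not destroy the object, because another
    // component may still hold a pointer it is about to use.
    void error() {
        if (plugged) unplug();
        want_terminate = true;
    }
};
int Engine::live = 0;

struct Session {
    std::unique_ptr<Engine> engine;

    // Takes ownership. An engine that already failed is never plugged;
    // it is destroyed here, by its owner, when `e` goes out of scope.
    bool process_attach(std::unique_ptr<Engine> e) {
        if (!e || e->want_terminate) return false;
        e->plug();
        engine = std::move(e);
        return true;
    }
};

// Replays the sequence from the email: dispatch, error, then attach.
bool attach_after_error() {
    auto e = std::make_unique<Engine>();  // ephemeral engine dispatched
    e->error();                           // fails before attach arrives
    Session s;
    return s.process_attach(std::move(e));
}
```
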

