Hi Benjamin, Thanks for posting the test case, it makes it clear.
At the least the documentation for zmq_device(3) should state what socket types are safe to use. Do any other socket types prepend an identity apart from XREP? -Pieter On Tue, Aug 10, 2010 at 10:25 AM, Pieter Hintjens <p...@imatix.com> wrote: > Benjamin, > > Could you provide a minimal test case that reproduces the problem, and > perhaps file an issue on the github tracker, thanks. > > -Pieter > > On Tue, Aug 10, 2010 at 8:34 AM, MinRK <benjami...@gmail.com> wrote: >> Hello, >> I'm using ZMQ devices for parallel computing in IPython. One of our devices >> is a Queue with XREQ on one side and XREP on the other. This model, like any >> device where one socket requires an IDENT prefix (XREP), and the other does >> not prepend a message (anything other than XREP), is vulnerable to invalid >> messages. If the socket that is not XREP receives a single message, that >> will be relayed to the XREP as a message with routing IDENTITY but no >> content. This fails an assertion, and triggers SIGABRT, bringing down the >> entire process. >> It is a security concern for us that _incoming_ messages have the ability to >> crash the device process. Are there any standard models or plans for ZMQ >> devices that can survive invalid messages like this? >> -MinRK >> _______________________________________________ >> zeromq-dev mailing list >> zeromq-dev@lists.zeromq.org >> http://lists.zeromq.org/mailman/listinfo/zeromq-dev >> >> > _______________________________________________ zeromq-dev mailing list zeromq-dev@lists.zeromq.org http://lists.zeromq.org/mailman/listinfo/zeromq-dev
