Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in / Register
Toggle navigation
L
libzmq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Packages
Packages
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
submodule
libzmq
Commits
4ca3d430
Unverified
Commit
4ca3d430
authored
Jan 09, 2019
by
Luca Boccassi
Committed by
GitHub
Jan 09, 2019
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #3353 from guidovranken/v2_decoder-overflow-rce-fix
V2 decoder overflow RCE fix
parents
7302b9b8
731be4bd
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
19 additions
and
2 deletions
+19
-2
guidovranken.md
RELICENSE/guidovranken.md
+17
-0
v2_decoder.cpp
src/v2_decoder.cpp
+2
-2
No files found.
RELICENSE/guidovranken.md
0 → 100644
View file @
4ca3d430
# Permission to Relicense under MPLv2 or any other OSI approved license chosen by the current ZeroMQ BDFL
This is a statement by Guido Vranken that grants permission to
relicense its copyrights in the libzmq C++ library (ZeroMQ) under the
Mozilla Public License v2 (MPLv2) or any other Open Source Initiative
approved license chosen by the current ZeroMQ BDFL (Benevolent
Dictator for Life).
A portion of the commits made by the Github handle "guidovranken", with
commit author "Guido Vranken
<guidovranken@gmail.com>
", are
copyright of Guido Vranken. This document hereby grants the libzmq
project team to relicense libzmq, including all past, present and
future contributions of the author listed above.
Guido Vranken
2019/01/08
src/v2_decoder.cpp
View file @
4ca3d430
...
@@ -115,8 +115,8 @@ int zmq::v2_decoder_t::size_ready (uint64_t msg_size_,
...
@@ -115,8 +115,8 @@ int zmq::v2_decoder_t::size_ready (uint64_t msg_size_,
shared_message_memory_allocator
&
allocator
=
get_allocator
();
shared_message_memory_allocator
&
allocator
=
get_allocator
();
if
(
unlikely
(
!
_zero_copy
if
(
unlikely
(
!
_zero_copy
||
((
unsigned
char
*
)
read_pos_
+
msg_size_
||
msg_size_
>
>
(
allocator
.
data
()
+
allocator
.
size
())
)))
{
(
size_t
)(
allocator
.
data
()
+
allocator
.
size
()
-
read_pos_
)))
{
// a new message has started, but the size would exceed the pre-allocated arena
// a new message has started, but the size would exceed the pre-allocated arena
// this happens every time when a message does not fit completely into the buffer
// this happens every time when a message does not fit completely into the buffer
rc
=
_in_progress
.
init_size
(
static_cast
<
size_t
>
(
msg_size_
));
rc
=
_in_progress
.
init_size
(
static_cast
<
size_t
>
(
msg_size_
));
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment