Handle full-pipe for REP sockets more gracefully

author: Martin Hurton <hurtonm@gmail.com> 2010-03-31 15:15:16 +0200
committer: Martin Hurton <hurtonm@gmail.com> 2010-03-31 16:08:43 +0200
commit: 37fd1a77a6927ae351e10fe8d5b68d0b0d525d22 (patch)
tree: 6dec0a5613dd7313b69162c57e2630f9b27a2ae3 /src
parent: 2f219d7c287cd518bc77b576e507d7a17c9535e9 (diff)
1 files changed, 10 insertions, 4 deletions
diff --git a/src/rep.cpp b/src/rep.cpp
index b7b03c8..eeef81f 100644
--- a/src/rep.cpp
+++ b/src/rep.cpp
@@ -167,9 +167,6 @@ int zmq::rep_t::xsend (zmq_msg_t *msg_, int flags_)
         return -1;
     }
 
-    //  Check whether it's last part of the reply.
-    more = msg_->flags & ZMQ_MSG_MORE;
-
     if (reply_pipe) {
 
         //  Push message to the reply pipe.
@@ -177,8 +174,14 @@ int zmq::rep_t::xsend (zmq_msg_t *msg_, int flags_)
         zmq_assert (!more || written);
 
         //  The pipe is full...
+        //  When this happens, we simply return an error.
+        //  This makes REP sockets vulnerable to DoS attack when
+        //  misbehaving requesters stop collecting replies.
         //  TODO: Tear down the underlying connection (?)
-        zmq_assert (written);     
+        if (!written) {
+            errno = EAGAIN;
+            return -1;
+        }
     }
     else {
 
@@ -186,6 +189,9 @@ int zmq::rep_t::xsend (zmq_msg_t *msg_, int flags_)
         zmq_msg_close (msg_);
     }
 
+    //  Check whether it's last part of the reply.
+    more = msg_->flags & ZMQ_MSG_MORE;
+
     //  Flush the reply to the requester.
     if (!more) {
         reply_pipe->flush ();
author	Martin Hurton <hurtonm@gmail.com>	2010-03-31 15:15:16 +0200
committer	Martin Hurton <hurtonm@gmail.com>	2010-03-31 16:08:43 +0200
commit	37fd1a77a6927ae351e10fe8d5b68d0b0d525d22 (patch)
tree	6dec0a5613dd7313b69162c57e2630f9b27a2ae3 /src
parent	2f219d7c287cd518bc77b576e507d7a17c9535e9 (diff)