From 37fd1a77a6927ae351e10fe8d5b68d0b0d525d22 Mon Sep 17 00:00:00 2001
From: Martin Hurton <hurtonm@gmail.com>
Date: Wed, 31 Mar 2010 15:15:16 +0200
Subject: Handle full-pipe for REP sockets more gracefully

---
 src/rep.cpp | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/rep.cpp b/src/rep.cpp
index b7b03c8..eeef81f 100644
--- a/src/rep.cpp
+++ b/src/rep.cpp
@@ -167,9 +167,6 @@ int zmq::rep_t::xsend (zmq_msg_t *msg_, int flags_)
         return -1;
     }
 
-    //  Check whether it's last part of the reply.
-    more = msg_->flags & ZMQ_MSG_MORE;
-
     if (reply_pipe) {
 
         //  Push message to the reply pipe.
@@ -177,8 +174,14 @@ int zmq::rep_t::xsend (zmq_msg_t *msg_, int flags_)
         zmq_assert (!more || written);
 
         //  The pipe is full...
+        //  When this happens, we simply return an error.
+        //  This makes REP sockets vulnerable to DoS attack when
+        //  misbehaving requesters stop collecting replies.
         //  TODO: Tear down the underlying connection (?)
-        zmq_assert (written);     
+        if (!written) {
+            errno = EAGAIN;
+            return -1;
+        }
     }
     else {
 
@@ -186,6 +189,9 @@ int zmq::rep_t::xsend (zmq_msg_t *msg_, int flags_)
         zmq_msg_close (msg_);
     }
 
+    //  Check whether it's last part of the reply.
+    more = msg_->flags & ZMQ_MSG_MORE;
+
     //  Flush the reply to the requester.
     if (!more) {
         reply_pipe->flush ();
-- 
cgit v1.2.3