On Aug 30, 2012, at 4:00 PM, Ben Bangert <[email protected]> wrote:
> So far, I've found that if I send malformed Auth packets that are missing the 
> auth_type int, after a few times I can get the Zookeeper server to segfault. 
> I'll attach some more log scripts and a test script to trigger it next.

If you check out the pure-python kazoo branch, this script will segfault 
Zookeeper immediately on my machine:

import logging

from kazoo.client import KazooClient
from kazoo.protocol.serialization import (
    Auth,
    write_buffer,
    write_string
)

logging.basicConfig(level=logging.DEBUG)


class BadAuth(Auth):
    type = 100

    def serialize(self):
        return (write_string(self.scheme) + write_buffer(self.auth))

k = KazooClient()
k.start()
k._queue.put((BadAuth(0, 'digest', 'user:password'), None))


It apparently really, really doesn't like the fact that the auth_type is missing 
from the payload. A proper message length is provided, though (for the 
admittedly malformed request); whatever Zookeeper is doing to read the buffer 
fails to account for the string being where it expected the int. Shouldn't this 
return a marshaling error?

- Ben
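
The marshaling error the message asks about, as an added example that is not part of the original email and is not ZooKeeper or kazoo code: a bounds-checked decoder for the auth payload that rejects the malformed request instead of trusting the misread length. The names `MarshalError` and `parse_auth_payload` are hypothetical, and the layout (big-endian int type, then length-prefixed scheme string and auth buffer) is an assumption about the wire format.

```python
import struct

# Added illustration, not ZooKeeper or kazoo code.
# Assumed layout: int32 type | int32 len + scheme | int32 len + auth (big-endian).
class MarshalError(ValueError):
    """Raised when a payload does not match the expected record layout."""

def _read_int(buf, pos):
    if pos + 4 > len(buf):
        raise MarshalError("truncated int at offset %d" % pos)
    return struct.unpack_from(">i", buf, pos)[0], pos + 4

def _read_bytes(buf, pos, what):
    n, pos = _read_int(buf, pos)
    if n == -1:  # length -1 encodes a null value
        return None, pos
    # Check the declared length against what is actually left in the frame
    # before slicing or allocating anything.
    if n < 0 or n > len(buf) - pos:
        raise MarshalError("%s length %d exceeds %d remaining bytes"
                           % (what, n, len(buf) - pos))
    return buf[pos:pos + n], pos + n

def parse_auth_payload(buf):
    """Decode int type, string scheme, buffer auth; reject anything else."""
    auth_type, pos = _read_int(buf, 0)
    scheme, pos = _read_bytes(buf, pos, "scheme")
    auth, pos = _read_bytes(buf, pos, "auth")
    if pos != len(buf):
        raise MarshalError("%d trailing bytes" % (len(buf) - pos))
    try:
        scheme = None if scheme is None else scheme.decode("utf-8")
    except UnicodeDecodeError as exc:
        raise MarshalError("scheme is not UTF-8") from exc
    return auth_type, scheme, auth

def _field(data):
    # Constructed helper: 4-byte big-endian length prefix followed by the bytes.
    return struct.pack(">i", len(data)) + data

# Constructed sample payloads (not captured traffic).
GOOD = struct.pack(">i", 0) + _field(b"digest") + _field(b"user:password")
BAD = _field(b"digest") + _field(b"user:password")  # auth_type int missing
```

With the int missing, the scheme's length prefix is consumed as the type and the first four bytes of "digest" are read as a string length far larger than the frame, which is the condition the length check rejects.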
