Hi everyone, I ran into the issue that sending more than 8KB of data with ZMQ_STREAM (yeah I know, zmq is not intended for that … anyway) that on the receiver side it gets truncated.
PoC https://gist.github.com/0x6d686b/16f79e092156dae223c9 If you look in the memory dump you'll see that at 0x2000 (or 8196 bytes) it changes from received payload to pre-initialised memory, and also that the received payload get's split in two part of 8196 bytes. IMO this MAY result in leaking sensitive information (information disclosure) if the server side would just reply with the received payload (like ping does). I also suggest to document this in the "manpage" of zmq_socket ZMQ_STREAM that the biggest batch size is 8KB. Mathias
_______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
