0
0
mirror of https://github.com/zeromq/libzmq.git synced 2024-12-28 16:15:23 +08:00

7979 Commits

Author SHA1 Message Date
Doron Somech
8df0d99cd8
Merge pull request #3921 from bluca/fuzzers
Problem: invalid address results in out-of-range string access
2020-05-16 17:23:16 +03:00
Luca Boccassi
2d23b599f2 Problem: test_bind_fuzzer does not use corpus for regression tests
Solution: do it
2020-05-16 15:01:15 +01:00
Luca Boccassi
dccf1723cc Problem: invalid address results in out-of-range string access
Solution: check for zone string length before using it in ip_resolver
It turns out std::string::at does not check for string length before
dereferencing
2020-05-16 13:40:55 +01:00
Doron Somech
3033112645
Merge pull request #3918 from bluca/fuzzers
Problem: unfinished message can be leaked by client pipe
2020-05-15 22:15:02 +03:00
Luca Boccassi
6815138501 Problem: unfinished message can be leaked by client pipe
When a pipe processes a delimiter and is already not in active state but still
has an unfinished message, the message is leaked.

Solution: issue a rollback before losing the reference to the pipe.
2020-05-15 18:19:38 +01:00
Luca Boccassi
6439d32254 Problem: fuzz tests do not check that legitimate clients work
Solution: add normal client sockets and bounce at the same time as
the mock client
2020-05-15 18:19:38 +01:00
Luca Boccassi
afacdbeccf
Merge pull request #3913 from somdoron/delay_bind
problem: zeromq connects peer before handshake is complete
2020-05-14 08:30:50 +01:00
Doron Somech
ad3b36ab95 problem: test_xpub_manual is flapping
The test assumed the subscriptions are arrived in some order, but occasionally the order is not as expected

Solution: fix it
2020-05-14 00:01:06 +03:00
Doron Somech
e7f0090b16 problem: zeromq connects peer before handshake is completed
Solution: delay connecting the peer pipe until the handshake is completed
2020-05-13 19:36:13 +03:00
Doron Somech
18cacf2ec1
Merge pull request #3910 from bluca/obs_release
Problem: removing latest_branch breaks ABI CI job
2020-05-12 12:29:31 +03:00
Luca Boccassi
364ae768fe Problem: removing latest_branch breaks ABI CI job
Solution: clone latest tag instead
2020-05-12 09:13:06 +01:00
Luca Boccassi
4a863e334a
Merge pull request #3909 from nyfix/std
allow C/C++ standard to be specified at build time, default to C++11 if supported
2020-05-12 00:05:43 +01:00
Bill Torpey
f474b226b6 allow C/C++ standard to be specified at build time, default to C++11 if supported 2020-05-11 16:47:02 -04:00
Doron Somech
820efb31bd
Merge pull request #3908 from bluca/obs_release
Problem: release script for OBS build fails often
2020-05-11 21:56:49 +03:00
Luca Boccassi
e1d07b61ca Problem: release script for OBS build fails often
Solution: now that tar_scm supports @PARENT_TAG@ as a revision to
automatically fetch the most recent tag on the default branch, use
it to simplify everything

https://github.com/openSUSE/obs-service-tar_scm/pull/359
2020-05-11 19:31:23 +01:00
Doron Somech
0244d809a2
Merge pull request #3905 from bluca/fuzzers
Problems: potential memory leak in test_connect_curve_fuzzer, SECURITY.md could use some updates
2020-05-09 15:27:52 +03:00
Luca Boccassi
fb9d055578 Problem: test_bind_curve_fuzzer might get stuck on some input
Solution: receive with MSG_DONTWAIT on the raw TCP socket
2020-05-09 13:17:36 +01:00
Luca Boccassi
c33da0ea5b Problem: we lack an (internal) definition of severity for security issues
Solution: attempt to define a reasonable one
2020-05-09 13:03:02 +01:00
Luca Boccassi
675a007d74 Problem: SECURITY.md does not mention 4.3.x series
Solution: add it
2020-05-09 12:57:32 +01:00
Luca Boccassi
abb315a6da Problem: potential memory leak in test_connect_curve_fuzzer
Solution: properly initialize zmq_msg before receive
2020-05-09 12:31:36 +01:00
Luca Boccassi
be77a8d932
Merge pull request #3903 from bjovke/msvc_cplusplus
Problem: MSVC always reports __cplusplus macro value as 199711L. Some…
2020-05-09 10:50:43 +01:00
Luca Boccassi
a1d82598bb
Merge pull request #3904 from somdoron/CHANNEL
problem: no thread-safe alternative for ZMQ_PAIR
2020-05-09 10:49:35 +01:00
Doron Somech
3da84c6d06 problem: no thread-safe alternative for ZMQ_PAIR
Solution: create ZMQ_CHANNEL, the thread safe alternative
2020-05-09 08:49:01 +03:00
Jovan Bunjevacki
804d528114 Problem: MSVC always reports __cplusplus macro value as 199711L. Some newer features are switched off even with latest Visual studio version.
Solution: Add check for MSVC version along with __cplusplus check.
2020-05-09 01:20:47 +02:00
Doron Somech
28cb820f4f
Merge pull request #3902 from bluca/fuzzers
Problems: ZMTP v1 static allocator is needlessly resized, ZMQ_DISABLE_TEST_TIMEOUT does not work anymore
2020-05-08 21:25:37 +03:00
Luca Boccassi
98efa79f54 Problem: ZMQ_DISABLE_TEST_TIMEOUT does not work anymore
Solution: restore it so that it can be set via CPPFLAGS, to avoid
tests timing out when running in GDB
2020-05-08 18:18:34 +01:00
Luca Boccassi
397ac80850 Problem: ZMTP v1 static allocator is needlessly resized
Solution: don't do it, resizing the shared allocator makes sense
as it can take the message buff for zero copy, but the static allocator
is fixed
2020-05-08 18:18:34 +01:00
Doron Somech
061ce6cea1
Merge pull request #3901 from bluca/fuzzers
Problem: test_connect_null_fuzzer doesn't correctly initialise messages
2020-05-07 13:34:26 +03:00
Luca Boccassi
5fd0711196 Problem: memory leak in test_connect_null_fuzzer
Solution: initialize message before re-using it so that
receive doesn't fail and messages can be deallocated
2020-05-06 22:26:03 +01:00
Luca Boccassi
243503c29e Problem: set infinite timeouts on some tests by mistake
Solution: remove it
2020-05-06 20:56:36 +01:00
Doron Somech
f7b215c639
Merge pull request #3900 from bluca/fuzzers
Use fixed keys in fussers curve tests, run fuzzers github action only on PRs, attempt to fix uninitialised error in test helper
2020-05-06 15:12:03 +03:00
Luca Boccassi
fd3e5daaeb Problem: fuzzing Github action ran on pushes on forks and fails
Solution: run in on PRs only as oss-fuzz uses Docker so the repository is
hard-coded
2020-05-06 12:39:45 +01:00
Luca Boccassi
346f8b8b20 Problem: uninitialised error in testutil helper
Solution: memset struct addrinfo to be sure
2020-05-06 11:51:55 +01:00
Luca Boccassi
5819867cd3 Problem: fuzzer curve tests use random keys
Solution: use fixed keys to reduce variability and increase the chance
that random data derived from it can break something
2020-05-06 11:47:15 +01:00
Doron Somech
d7e58fc880
Merge pull request #3899 from bluca/fuzzers
Problems: address sanitizer not enabled, oss-fuzz images not build-tested
2020-05-06 09:51:11 +03:00
Luca Boccassi
9f94aa866f Problem: oss-fuzz images not tested on PRs
Solution: integrate oss-fuzz build via Github actions
2020-05-06 00:36:29 +01:00
Luca Boccassi
5b7f67a822 Problem: memory sanitizer not enabled in CI
Solution: add -fsanitize=leak to the sanitizers flag, and disable
test_many_sockets as it currently fails due to:
https://github.com/zeromq/libzmq/issues/3898
2020-05-06 00:14:02 +01:00
Luca Boccassi
c2ffe2e6d2
Merge pull request #3897 from bluca/fuzzers
Problem: test_hello_msg binds to hard-coded port and fails when it's in use
2020-05-05 20:36:26 +01:00
Luca Boccassi
2ac5ee7307 Problem: test_hello_msg binds to hard-coded port and fails when it's in use
Solution: use the common wildcard bind pattern instead
2020-05-05 14:13:38 +01:00
Doron Somech
04ecff399b
Merge pull request #3896 from bluca/fuzzers
Problems: memory sanitizer fails due to uninitialised global, want to run more tests with sanitizer
2020-05-05 15:51:00 +03:00
Luca Boccassi
3770937de3 Problem: we want to check for undefined behaviour in the CI
Solution: enable GCC's UBSAN in the sanitizer job
2020-05-05 12:58:39 +01:00
Luca Boccassi
0c5396849b Problem: syntax errors in ci_build.sh
Solution: fix them
2020-05-05 12:16:19 +01:00
Luca Boccassi
cdd9e9d1f4 Problem: Travis uses old-old-old-stable Ubuntu by default
Solution: set default to bionic, and leave a few jobs that manually
set Trusty/Xenial to have more coverage
This is especially useful to get newer gcc for address sanitizer support
2020-05-05 11:48:55 +01:00
Luca Boccassi
96d3cb39e4 Problem: fuzz input which causes extra-large message allocation not stored
Solution: add it
2020-05-05 11:48:11 +01:00
Luca Boccassi
9ab3fbeee2 Problem: we want to have multiple seed corpora per fuzzer binary
Solution: store them each as a single line in the text file and convert them
at install time
2020-05-05 11:48:11 +01:00
Luca Boccassi
c4fd6dfea7 Problem: sanitizer tests cannot allocate much memory
Solution: restrict maximum message size to 64MB in tests
2020-05-05 11:42:06 +01:00
Luca Boccassi
7df845fb82 Problem: memory sanitizer detects uninitialised global variable usage
Solution: revert "Problem: complexity of start_connecting"

https://travis-ci.org/github/google/oss-fuzz/jobs/680325364

This reverts commit c590873ff7a81a3c373884eab37cbe2068fbfe4a.

Conflicts:
	src/session_base.cpp
	src/session_base.hpp
2020-05-04 22:02:04 +01:00
Doron Somech
309d1f1cb7
Merge pull request #3894 from bluca/fuzzers
Problems: sub/cancel broken with CURVE, fuzzers need corpora and better unit testing
2020-05-04 14:43:47 +03:00
Luca Boccassi
6b259224ee Problem: fuzzer regression tests do very little
Solution: run them with the seed corpora
2020-05-04 11:42:22 +01:00
Luca Boccassi
c8e62cb2e0 Problem: no dictionaries and seed corpora for fuzzers
Solution: add them and install them where oss-fuzz expects them
2020-05-04 02:11:15 +01:00