[nanomsg] Re: example of a bad assert

  • From: Paul Colomiets <paul@xxxxxxxxxxxxxx>
  • To: "nanomsg@xxxxxxxxxxxxx" <nanomsg@xxxxxxxxxxxxx>
  • Date: Mon, 24 Mar 2014 23:17:03 +0200

Hi Garrett,

On Mon, Mar 24, 2014 at 3:41 AM, Garrett D'Amore
<garrett.damore@xxxxxxxxxxxxxxxxxxxx> wrote:
> static void nn_xpub_in (NN_UNUSED struct nn_sockbase *self,
>                        NN_UNUSED struct nn_pipe *pipe)
> {
>     /*  We shouldn't get any messages from subscribers. */
>     nn_assert (0);
> }
>
>
> That's just evil, because a bad peer could cause a DoS by simply sending a 
> message over a sub socket that the publisher doesn't like.
>
> It would be better to just silently drop.  Or possibly log it.  But asserting 
> failure over events that can occur outside of the program's control (like bad 
> network packets) is IMO terribly bad practice.
>
> (Yes, I'm implementing PUB/SUB even now, which is why I noticed this (in
> code, I didn't actually trigger it).)
>

IIRC, you cannot trigger this assertion from the network, i.e. there is
another place where incoming traffic is blocked. But I'm not sure, since
I read the code too long ago :)

> If you'd like me to, I'll just remove the call to nn_assert. :-)

It's better to drop the connection, because it means that the client does
something wrong.

-- 
Paul
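
Added example, not code from nanomsg or from either poster: a self-contained C model of the policy suggested in the reply above, where unexpected inbound data on a publish-only socket closes only the offending connection instead of asserting. All names (`pub_sock`, `peer_pipe`, `pub_in`, `pub_send`) are hypothetical and the three-subscriber scenario is constructed.

```c
/* Illustration only: every type and function here is hypothetical,
   not part of the nanomsg API. */
#include <stdio.h>
#include <stddef.h>

enum pipe_state { PIPE_ACTIVE, PIPE_CLOSED };

struct peer_pipe { int id; enum pipe_state state; };

struct pub_sock {
    struct peer_pipe pipes[4];
    size_t npipes;
    unsigned long violations;   /* counter an operator can alert on */
};

/* Inbound data on a publish-only socket is a peer protocol violation.
   It originates outside the process, so it must not reach an assert:
   discard it, close only the offending pipe, keep serving the rest. */
static void pub_in(struct pub_sock *s, struct peer_pipe *p, size_t len)
{
    if (p->state == PIPE_CLOSED)
        return;                 /* late data on a closed pipe: ignore */
    s->violations++;
    fprintf(stderr, "pub: pipe %d sent %zu unexpected bytes, closing\n",
            p->id, len);
    p->state = PIPE_CLOSED;
}

/* Count the pipes a published message would still be delivered to. */
static size_t pub_send(const struct pub_sock *s)
{
    size_t sent = 0;
    for (size_t i = 0; i < s->npipes; i++)
        if (s->pipes[i].state == PIPE_ACTIVE)
            sent++;
    return sent;
}

/* Constructed scenario: three subscribers, the second one misbehaves. */
static size_t demo_recipients_after_violation(void)
{
    struct pub_sock s = { { {1, PIPE_ACTIVE}, {2, PIPE_ACTIVE},
                            {3, PIPE_ACTIVE} }, 3, 0 };
    pub_in(&s, &s.pipes[1], 16);
    pub_in(&s, &s.pipes[1], 16);    /* repeat on closed pipe is ignored */
    return pub_send(&s);
}

int main(void) { printf("%zu\n", demo_recipients_after_violation()); return 0; }
```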
