ffi-rzmq icon indicating copy to clipboard operation
ffi-rzmq copied to clipboard

Published 20 hours ago verified publisher icon chuckremes

use b.put_bytes instead of b.write_string for ffi 1.14.0 compatibility

Open skaes opened this issue 4 years ago • 2 comments

The semantics of write_string was changed in ffi 1.14.0 to add a NULL byte at the end of the target buffer. This causes buffer overflows in all programs that relied on the old semantics.

This patch fixes the problem by using the underlying b.put_bytes method.

skaes avatar Dec 19 '20 13:12 skaes

This all seems very reasonable.

Here's my proposal.

  1. Merge this PR.
  2. Modify the gemspec to require ffi 1.14.0 or later
  3. bump the version number incrementally on the gem
  4. release

Sound good?

chuckremes avatar Dec 23 '20 14:12 chuckremes

Note that FFI 1.14.1 was released, and it undid that change: https://github.com/ffi/ffi/issues/857 So existing releases of ffi-rzmq + FFI 1.14.1 or FFI < 1.14.0 should work fine.

Still, I think it's a good idea to use put_bytes() here as it's more explicit that null termination is not wanted.

eregon avatar Dec 23 '20 15:12 eregon