Impact
Affects servers that do not authenticate clients with CURVE/ZAP.
Patches
#3935
Workarounds
None
References
Found thanks to oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22344
For more information
Messages with metadata are never processed by PUB sockets, but the metadata is kept referenced in the PUB object and never freed.
Metadata should be freed when the XPUB is destroyed, and it should not be stored in the first place if the type is PUB.
This input for test_bind_null_fuzzer reproduces the memory leak:
ff00000000000000017f03014e554c4c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004190552454144590b536f636b65742d5400006500000003040000000000657468300000000000
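The leak pattern and the two-part fix described above, as an added example in C. It is a constructed model, not libzmq code: every name in it (pub_sock_t, sock_recv, run_cycle and so on) is hypothetical, and the metadata object is reduced to a reference count.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model of the leak; all names are hypothetical, not libzmq's. */
enum sock_type { SOCK_PUB, SOCK_XPUB };
typedef struct { int refs; } metadata_t;
typedef struct { enum sock_type type; metadata_t *last_md; } pub_sock_t;

static int live_metadata = 0;   /* metadata objects allocated and not yet freed */

static metadata_t *md_new(void) {
    metadata_t *m = malloc(sizeof *m);
    if (!m) abort();
    m->refs = 1;
    live_metadata++;
    return m;
}
static void md_release(metadata_t *m) {
    if (m && --m->refs == 0) { free(m); live_metadata--; }
}

/* An inbound message carrying metadata arrives. hardened=0 models the bug. */
static void sock_recv(pub_sock_t *s, metadata_t *msg_md, int hardened) {
    if (hardened && s->type == SOCK_PUB)
        return;                 /* PUB never processes it, so do not store it */
    md_release(s->last_md);     /* drop any previously held reference */
    msg_md->refs++;             /* the socket now holds its own reference */
    s->last_md = msg_md;
}

static void sock_destroy(pub_sock_t *s, int hardened) {
    if (hardened) { md_release(s->last_md); s->last_md = NULL; }
}

/* One message/teardown cycle; returns how many metadata objects leaked. */
static int run_cycle(enum sock_type type, int hardened) {
    int before = live_metadata;
    pub_sock_t s = { type, NULL };
    metadata_t *md = md_new();  /* stands in for metadata built from the peer */
    sock_recv(&s, md, hardened);
    md_release(md);             /* the message itself is closed */
    sock_destroy(&s, hardened);
    return live_metadata - before;
}

int main(void) {
    printf("unpatched PUB: %d leaked\n", run_cycle(SOCK_PUB, 0));
    printf("patched PUB:   %d leaked\n", run_cycle(SOCK_PUB, 1));
    return 0;
}
```

Building the model with a leak checker such as AddressSanitizer (`-fsanitize=address`) reports the unpatched cycle's allocation at exit, which is the same class of report the fuzzer produced.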