Hi guys,<div><br></div><div>I found a bug in the librabbitmq-c client, but wasn't able to get a super amount of information about it unfortunately.</div><div><br></div><div>It appears to be an integer overflow bug.</div><div>
<br></div><div>I had one certain message, and when the client tried to consume it, it interpreted the message size to be 172 terabytes and proceeded to sit on socket.recv forever. The actual message size was between 1 and 2 MB.</div>
<div><br></div><div>I tested it with the trunk of the lib as of a few days ago.</div><div><br></div><div>I could reproduce the error with 3 different librabbitmq-c based client libraries:</div><div><br></div><div> * python kombu</div>
<div> * c++ amqpcpp/AMQPcpp.h</div><div> * c++ SimpleAmqpClient</div><div><br></div><div>I tested against the RabbitMQ broker 1.8.1 and 2.8.4.</div><div><br></div><div>Unfortunately, I switched to py-amqplib and it ate the message that was causing the error, so I don't have that test data anymore :*(</div>
<div><br></div><div>Here are some fun tracebacks, but they're not where it reads the size; they're just where it's sitting trying to read a kagillion bytes:</div><div><br></div><div><a href="http://pastebin.com/m1JPPSHw">http://pastebin.com/m1JPPSHw</a></div>
<div><a href="http://pastebin.com/A6CZMDvj">http://pastebin.com/A6CZMDvj</a></div><div><a href="http://pastebin.com/qQmjGD4Y">http://pastebin.com/qQmjGD4Y</a></div><div><a href="http://pastebin.com/DBZuUin5">http://pastebin.com/DBZuUin5</a></div>
<div><br></div><div>I think the way to find the bug would be to compile with CMAKE_C_FLAGS -Wconversion.</div><div><br></div><div>There are a lot of warnings coming out. I tried a few changes myself, but couldn't fix the darn thing.</div>
<div><br></div><div>I hope this is useful to someone who knows the code better.</div><div><br></div><div>Let me know if I can help answer any Qs.</div><div><br></div><div>Kind Regards</div><div>Matthew Sherborne</div>