Details
-
Bug
-
Status: Resolved
-
Blocker
-
Resolution: Fixed
-
None
-
None
-
5
Description
LibeventSSLSocket can return 0 from send incorrectly, which leads the caller to send the data twice!
See here: https://github.com/apache/mesos/blob/1.3.1/3rdparty/libprocess/src/libevent_ssl_socket.cpp#L396-L398
In some particular cases, it's possible that the caller keeps getting back 0 and loops infinitely, blowing up the memory and OOMing the process.
One example is when a send occurs after a shutdown:
TEST_F(SSLTest, ShutdownThenSend)
{
Clock::pause();
Try<Socket> server = setup_server({
{"LIBPROCESS_SSL_ENABLED", "true"},
{"LIBPROCESS_SSL_KEY_FILE", key_path().string()},
{"LIBPROCESS_SSL_CERT_FILE", certificate_path().string()}});
ASSERT_SOME(server);
ASSERT_SOME(server.get().address());
ASSERT_SOME(server.get().address().get().hostname());
Future<Socket> socket = server.get().accept();
Clock::settle();
EXPECT_TRUE(socket.isPending());
Try<Socket> client = Socket::create(SocketImpl::Kind::SSL);
ASSERT_SOME(client);
AWAIT_ASSERT_READY(client->connect(server->address().get()));
AWAIT_ASSERT_READY(socket);
EXPECT_SOME(Socket(socket.get()).shutdown());
// This loops forever!
AWAIT_FAILED(Socket(socket.get()).send("Hello World"));
}