• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

zeromq / libzmq / 28609714368

02 Jul 2026 05:36PM UTC coverage: 75.471% (-0.04%) from 75.513%
28609714368

push

github

bluca
Fix heap buffer overflow in UDP engine out_event()

The out_event() send path copies group_size + body_size + 1 bytes
into the fixed MAX_UDP_MSG (8192) byte _out_buffer without checking
if the total exceeds the buffer capacity. Messages with body larger
than approximately 7936 bytes overflow the buffer and corrupt
adjacent heap memory.

Add a bounds check before the memcpy calls, discarding oversized
messages. This resolves the TODO comment that acknowledged the
missing check.

Signed-off-by: Tristan Music <tristmd@gmail.com>

15150 of 20074 relevant lines covered (75.47%)

26395.63 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

80.07
/libzmq/src/udp_engine.cpp


Source Not Available

The file "libzmq/src/udp_engine.cpp" isn't available on github. Either it's been removed, or the repo root directory needs to be updated.

STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc