From 898691e2ebc1b84ba49fb884c57d546302467b24 Mon Sep 17 00:00:00 2001
From: sigiesec
Date: Fri, 18 Aug 2017 12:01:06 +0200
Subject: [PATCH] Problem: gssapi_mechanism_base_t aborts the application when it receives a message it cannot decode

Solution: emit an ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL event instead of using zmq_assert
---
 src/gssapi_mechanism_base.cpp | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/src/gssapi_mechanism_base.cpp b/src/gssapi_mechanism_base.cpp
index 43d4f79b..049cb3e5 100644
--- a/src/gssapi_mechanism_base.cpp
+++ b/src/gssapi_mechanism_base.cpp
@@ -181,12 +181,18 @@ int zmq::gssapi_mechanism_base_t::decode_message (msg_t *msg_)
     maj_stat = gss_unwrap(&min_stat, context, &wrapped, &plaintext, &state, (gss_qop_t *) NULL);
-    // TODO I don't think it is a good idea to use zmq_assert here. If
-    // decryption fails, gss_unwrap returns GSS_S_BAD_SIG. This opens up
-    // to DoS attacks by clients! Instead, a
-    // ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC event should be emitted.
-
-    zmq_assert(maj_stat == GSS_S_COMPLETE);
+    if (maj_stat != GSS_S_COMPLETE)
+    {
+        // TODO is it correct to release the plaintext buffer if gss_unwrap
+        // did not succeed?
+        gss_release_buffer (&min_stat, &plaintext);
+        free (wrapped);
+        session->get_socket ()->event_handshake_failed_protocol (
+            session->get_endpoint (),
+            ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC);
+        errno = EPROTO;
+        return -1;
+    }
     zmq_assert(state);
     // Re-initialize msg_ for plaintext
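Review bot: `free (wrapped)` in the new error path releases the wrong object: `wrapped` is handed to gss_unwrap as `&wrapped`, i.e. it is a gss_buffer_desc, so the heap storage to release is `free (wrapped.value);` (the allocation is outside the hunk, so confirm it is malloc'd there). On the TODO: RFC 2744 allows any buffer returned by a GSS-API call to be passed to gss_release_buffer even when no storage is attached, so the release is safe as long as `plaintext` is initialised to GSS_C_EMPTY_BUFFER before the call; if its declaration (outside the hunk) leaves it uninitialised, an implementation that does not touch the output buffer on failure would hand an indeterminate pointer to gss_release_buffer. The `zmq_assert(state);` that follows keeps the same remotely reachable abort the commit removes for maj_stat: `state` is gss_unwrap's conf_state output, and a peer whose token unwraps cleanly but without confidentiality still terminates the process, so `!state` should take the same `event_handshake_failed_protocol` / `errno = EPROTO; return -1;` path instead of asserting. decode_message starts and ends outside the hunk.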