use b.put_bytes instead of b.write_string for ffi 1.14.0 compatibility

chuckremes / ffi-rzmq

FFI bindings for ZeroMQ so the library can be used under JRuby and other FFI-compliant ruby runtimes

242 stars 62 forks source link

use b.put_bytes instead of b.write_string for ffi 1.14.0 compatibility #133

Closed skaes closed 1 week ago

skaes commented 3 years ago

The semantics of write_string was changed in ffi 1.14.0 to add a NULL byte at the end of the target buffer. This causes buffer overflows in all programs that relied on the old semantics.

This patch fixes the problem by using the underlying b.put_bytes method.

chuckremes commented 3 years ago

This all seems very reasonable.

Here's my proposal.

Merge this PR.
Modify the gemspec to require ffi 1.14.0 or later
bump the version number incrementally on the gem
release

Sound good?

eregon commented 3 years ago

Note that FFI 1.14.1 was released, and it undid that change: https://github.com/ffi/ffi/issues/857 So existing releases of ffi-rzmq + FFI 1.14.1 or FFI < 1.14.0 should work fine.

Still, I think it's a good idea to use put_bytes() here as it's more explicit that null termination is not wanted.