“stomp.py” is a Python client library for accessing messaging servers (such as ActiveMQ or RabbitMQ) using the STOMP protocol (versions 1.0, 1.1 and 1.2). It can also be run as a standalone, command-line client for testing.
Apache License 2.0
491
stars
167
forks
source link
heartbeat thread should not call transport.disconnect_socket() #389
Python sockets are not thread-safe. The receiver_thread created in BaseTransport.start() should be the only thing interacting directly with the socket, unless explicit locks are involved. When the HeartbeatListener detects a heartbeat timeout, it calls transport.disconnect_socket() from the heartbeat thread. This closes and deallocates the socket while the receiver_thread is still attempting to read from it. This can result in memory corruption and segfaults.
Python sockets are not thread-safe. The
receiver_threadcreated inBaseTransport.start()should be the only thing interacting directly with the socket, unless explicit locks are involved. When theHeartbeatListenerdetects a heartbeat timeout, it callstransport.disconnect_socket()from the heartbeat thread. This closes and deallocates the socket while thereceiver_threadis still attempting to read from it. This can result in memory corruption and segfaults.