From 669aa2a21099b4b1ba36720df390562bcfee12cd Mon Sep 17 00:00:00 2001 From: antirez Date: Fri, 28 Nov 2014 10:03:07 +0100 Subject: [PATCH] Cluster PUBLISH message: fix totlen count. bulk_data field size was not removed from the count. It is not possible to declare it simply as 'char bulk_data[]' since the structure is nested into another structure. --- src/cluster.c | 5 +++-- src/cluster.h | 5 ++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/src/cluster.c b/src/cluster.c index 608f8d2c..80ac66e4 100644 --- a/src/cluster.c +++ b/src/cluster.c @@ -1482,7 +1482,8 @@ int clusterProcessPacket(clusterLink *link) { } else if (type == CLUSTERMSG_TYPE_PUBLISH) { uint32_t explen = sizeof(clusterMsg)-sizeof(union clusterMsgData); - explen += sizeof(clusterMsgDataPublish) + + explen += sizeof(clusterMsgDataPublish) - + 8 + ntohl(hdr->data.publish.msg.channel_len) + ntohl(hdr->data.publish.msg.message_len); if (totlen != explen) return 1; @@ -2184,7 +2185,7 @@ void clusterSendPublish(clusterLink *link, robj *channel, robj *message) { clusterBuildMessageHdr(hdr,CLUSTERMSG_TYPE_PUBLISH); totlen = sizeof(clusterMsg)-sizeof(union clusterMsgData); - totlen += sizeof(clusterMsgDataPublish) + channel_len + message_len; + totlen += sizeof(clusterMsgDataPublish) - 8 + channel_len + message_len; hdr->data.publish.msg.channel_len = htonl(channel_len); hdr->data.publish.msg.message_len = htonl(message_len); diff --git a/src/cluster.h b/src/cluster.h index b05a30de..7d6567d4 100644 --- a/src/cluster.h +++ b/src/cluster.h @@ -176,7 +176,10 @@ typedef struct { typedef struct { uint32_t channel_len; uint32_t message_len; - unsigned char bulk_data[8]; /* defined as 8 just for alignment concerns. */ + /* We can't reclare bulk_data as bulk_data[] since this structure is + * nested. The 8 bytes are removed from the count during the message + * length computation. */ + unsigned char bulk_data[8]; } clusterMsgDataPublish; typedef struct {