Commit 3e0e6c8
fix: make MessageDecoder.decode_bytes honor the poison flag
MessageDecoder.decode() runs through a poison gate before calling
self.decode_bytes(). But decode_bytes() is itself a public method
that a user might reach directly — for instance, when catching a
ProtocolError from decode() and trying to "resume" by feeding the
raw bytes to decode_bytes() — bypassing the poison contract
entirely. Once the buffer is poisoned, any public entry point that
consumes bytes and runs parser code must refuse to run.
Add self._buffer._check_poisoned() as the first statement of
decode_bytes(). The decode_message() convenience function is
unaffected: it creates a fresh MessageDecoder on every call, so
the gate can never fire there.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>1 parent c9201a1 commit 3e0e6c8
2 files changed
Lines changed: 33 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
285 | 285 | | |
286 | 286 | | |
287 | 287 | | |
| 288 | + | |
288 | 289 | | |
289 | 290 | | |
| 291 | + | |
290 | 292 | | |
291 | 293 | | |
292 | 294 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1141 | 1141 | | |
1142 | 1142 | | |
1143 | 1143 | | |
| 1144 | + | |
| 1145 | + | |
| 1146 | + | |
| 1147 | + | |
| 1148 | + | |
| 1149 | + | |
| 1150 | + | |
| 1151 | + | |
| 1152 | + | |
| 1153 | + | |
| 1154 | + | |
| 1155 | + | |
| 1156 | + | |
| 1157 | + | |
| 1158 | + | |
| 1159 | + | |
| 1160 | + | |
| 1161 | + | |
| 1162 | + | |
| 1163 | + | |
| 1164 | + | |
| 1165 | + | |
| 1166 | + | |
| 1167 | + | |
| 1168 | + | |
| 1169 | + | |
| 1170 | + | |
| 1171 | + | |
| 1172 | + | |
| 1173 | + | |
| 1174 | + | |
1144 | 1175 | | |
1145 | 1176 | | |
1146 | 1177 | | |
| |||
0 commit comments