[PROTON-1249] proton-j: unsafe type initialisations - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: proton-0.12.2
Fix Version/s: proton-0.13.1
Component/s: proton-j
Labels:
- proton-j
- security

Flags:

Patch

Description

In #readValue() for ArrayType, BinaryType, ListType and MapType
decoding, if the 'count' specified is very large then it is likely to
trigger an OutOfMemoryException. As these can come from an external data
source, during the SASL init for example, there is a potential for a
denial of service. The fix is to throw an IllegalArgumentException if
the count value is larger than the amount of data available in the
received bytes.

Attachments

Issue Links

links to

GitHub Pull Request #76

Activity

People

Assignee:: Dominic Evans

Reporter:: Dominic Evans

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 30/Jun/16 12:01

Updated:: 15/Jul/16 09:11

Resolved:: 12/Jul/16 08:10