Uploaded image for project: 'Qpid Proton'
  1. Qpid Proton
  2. PROTON-1979

Decoding a bad message can overflow the stack

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: proton-c-0.27.0
    • Component/s: proton-c
    • Labels:

      Description

      Found by oss-fuzz: https://oss-fuzz.com/testcase?key=5920119225057280

      A message with a described type whose descriptor is an array containing described types of an array containing described types of... can cause enough stack use to overflow the process stack.

      The message is quite long (and essentially meaningless) but none the less syntactically valid.

        Attachments

          Activity

            People

            • Assignee:
              astitcher Andrew Stitcher
              Reporter:
              astitcher Andrew Stitcher
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: