Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
The protocol processing logic for proton does not currently validate that amqp and sasl performatives actually have the correct frame type. In fact the current code completely ignores the frame type.
This really only means that it will accept some invalid protocol sequences and treat them as valid ones, it doesn't allow any security exploits in itself.