[PROTON-771] AMQP and SASL performatives are not validated against correct frame type - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: proton-0.9
Component/s: proton-c
Labels:
None

Description

The protocol processing logic for proton does not currently validate that amqp and sasl performatives actually have the correct frame type. In fact the current code completely ignores the frame type.

This really only means that it will accept some invalid protocol sequences and treat them as valid ones, it doesn't allow any security exploits in itself.

Attachments

Activity

People

Assignee:: Andrew Stitcher

Reporter:: Andrew Stitcher

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 10/Dec/14 22:15

Updated:: 07/Jan/16 12:13

Resolved:: 12/Dec/14 20:47