Qpid
  1. Qpid
  2. QPID-2488

ACL - error handling/bounds checking

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.5, 0.6
    • Fix Version/s: 0.7
    • Component/s: C++ Broker
    • Labels:
      None

      Description

      Qpid ACL properties maxqueuesize, maxqueuecount, policytype, ... currently accepts invalid values.
      Only valid ACL rules should be applied, at the moment broker throws an exception at the point when invalid ACL rule is triggered.

      How reproducible:
      Always

      Steps to Reproduce:
      #set ACL rules vith invalid values
      acl allow tester@QPID all queue maxqueuesize=18446744073709551617
      acl allow tester@QPID all queue maxqueuesize=-1
      acl allow tester@QPID all queue policytype=invalid_policy_type

      Actual results:
      ACL rules with invalid rules/values are processed without any error message.

      qpidd.log:
      2009-oct-23 07:11:56 debug ACL Processing 1 allow [tester@QPID] * queue
      maxqueuesize=18446744073709551617
      2009-oct-23 07:11:56 debug ACL: Adding actions

      {consume,publish,create,access,bind,unbind,delete,purge,update}

      to objects

      {queue}

      with props

      { maxqueuesize=18446744073709551617 }

      for users

      {tester@QPID}

      ...

      Expected results:
      ACL rules with invalid property values should not be processed

      1. QPID-2488.patch
        9 kB
        Rajith Attapattu
      2. QPID-2488.test.patch
        3 kB
        Rajith Attapattu

        Activity

        No work has yet been logged on this issue.

          People

          • Assignee:
            Rajith Attapattu
            Reporter:
            Rajith Attapattu
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development