Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-2488

ACL - error handling/bounds checking

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.5, 0.6
    • Fix Version/s: 0.7
    • Component/s: C++ Broker
    • Labels:
      None

      Description

      Qpid ACL properties maxqueuesize, maxqueuecount, policytype, ... currently accepts invalid values.
      Only valid ACL rules should be applied, at the moment broker throws an exception at the point when invalid ACL rule is triggered.

      How reproducible:
      Always

      Steps to Reproduce:
      #set ACL rules vith invalid values
      acl allow tester@QPID all queue maxqueuesize=18446744073709551617
      acl allow tester@QPID all queue maxqueuesize=-1
      acl allow tester@QPID all queue policytype=invalid_policy_type

      Actual results:
      ACL rules with invalid rules/values are processed without any error message.

      qpidd.log:
      2009-oct-23 07:11:56 debug ACL Processing 1 allow [tester@QPID] * queue
      maxqueuesize=18446744073709551617
      2009-oct-23 07:11:56 debug ACL: Adding actions

      {consume,publish,create,access,bind,unbind,delete,purge,update}

      to objects

      {queue}

      with props

      { maxqueuesize=18446744073709551617 }

      for users

      {tester@QPID}

      ...

      Expected results:
      ACL rules with invalid property values should not be processed

        Attachments

        1. QPID-2488.patch
          9 kB
          Rajith Attapattu
        2. QPID-2488.test.patch
          3 kB
          Rajith Attapattu

          Activity

            People

            • Assignee:
              rajith Rajith Attapattu
              Reporter:
              rajith Rajith Attapattu
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: