Qpid
  1. Qpid
  2. QPID-4735

C++ Broker ACL file size/count limit check bug when no value declared by user

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.20
    • Fix Version/s: 0.23
    • Component/s: C++ Broker
    • Labels:
      None

      Description

      The error in the ACL code shows up when:
      1. An ACL rule specifies an 'upper limit' rule such as filemaxsizeupperlimit
      2. The queue_declare call from the user does not specify qpid.file_size in the queue declaration.

      The broker passes a file_size lookup value of 0 to the ACL for checking.

      The ACL code (in error) sees that the lookup value is 0 and declares the comparison a failure despite the fact that the value (0) is less than the rule's upper limit.

      The fix is not to check that a lookup value is zero but just go ahead with the comparison.

      The failure is easy to trigger in the self test.

        Activity

        Hide
        Justin Ross added a comment -
        Show
        Justin Ross added a comment - Released in Qpid 0.24, http://qpid.apache.org/releases/qpid-0.24/index.html
        Hide
        Chuck Rolke added a comment -

        Fixed at Committed revision 1466652.

        Exposing the issue with the selftest function self.session.queue_declare did not work. Instead it was exposed directly with the acl.Lookup qmf functions.

        Show
        Chuck Rolke added a comment - Fixed at Committed revision 1466652. Exposing the issue with the selftest function self.session.queue_declare did not work. Instead it was exposed directly with the acl.Lookup qmf functions.

          People

          • Assignee:
            Chuck Rolke
            Reporter:
            Chuck Rolke
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development