[ https://issues.apache.org/jira/browse/DIRMINA-454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Trustin Lee updated DIRMINA-454: -------------------------------- Fix Version/s: 1.0.7 1.1.4 Assignee: Trustin Lee Affects Version/s: (was: 1.1.2) 1.0.6 1.1.3 > Trivial denial of service in TextLineDecoder > -------------------------------------------- > > Key: DIRMINA-454 > URL: https://issues.apache.org/jira/browse/DIRMINA-454 > Project: MINA > Issue Type: Bug > Components: Filter > Affects Versions: 1.0.6, 1.1.3 > Reporter: Owen Jacobson > Assignee: Trustin Lee > Fix For: 1.1.4, 1.0.7 > > Attachments: no-dos.patch > > > In both of TextLineDecoder's decoding methods, the decoder only checks the > size of input after it's found at least one line ending character. > Infinitely long streams of, say, 'y's will cause the decoder to try to buffer > up data until the JVM falls over. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.