[jira] [Resolved] (QPID-2158) [Java 0-8/0-9] Overlong AMQShortStrings incorrectly encoded and cause Frame corruption

Tue, 07 Jun 2011 08:07:43 -0700 

     [ 
https://issues.apache.org/jira/browse/QPID-2158?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Robbie Gemmell resolved QPID-2158.
----------------------------------

    Resolution: Fixed

Patch applied.

> [Java 0-8/0-9] Overlong AMQShortStrings incorrectly encoded and cause Frame 
> corruption
> --------------------------------------------------------------------------------------
>
>                 Key: QPID-2158
>                 URL: https://issues.apache.org/jira/browse/QPID-2158
>             Project: Qpid
>          Issue Type: Bug
>          Components: Java Common
>    Affects Versions: M2, M2.1, M3, M4, 0.5, 0.6, 0.7, 0.8, 0.9, 0.10
>            Reporter: Rob Godfrey
>            Assignee: Robbie Gemmell
>             Fix For: 0.11
>
>         Attachments: adds-amqshortstring-length-validation.patch
>
>
> AMQP defines as shortstr as a 1-octet length followed by that many octets of 
> data.  In java we use the AMQShortString class to represent this datatype in 
> the 0-8/0-9 codebase.  Unfortunately the AMQShortString class does not check 
> to ensure that on construction its total length is less than 256 characters.  
> In cases where an overlong  AMQShortString is created and subsequently 
> encoded, the size is written out as (byte) length, which means that a String 
> of length 296 will be encoded as an octect with value 40 (296 & 255) followed 
> by 296 octets of data.  Upon decoding this causes a frame decoding error.
> We should check on construction of an AMQShortString that the underlying data 
> does not have length > 255, and that if it does we should throw an 
> appropriate exception (IndexOutOfBoundsException?)
> [This error was discovered when a long queue name was created, and that queue 
> subsequently used as the destination for a reply-to field... the encoding of 
> a reply-to copies the queue name twice (once as the queue name, once as the 
> binding-key]

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscr...@qpid.apache.org

Reply via email to