Ken Giusti created PROTON-976:
---------------------------------

             Summary: pn_read_frame does not validate frame offset
                 Key: PROTON-976
                 URL: https://issues.apache.org/jira/browse/PROTON-976
             Project: Qpid Proton
          Issue Type: Bug
          Components: proton-c
    Affects Versions: 0.10
            Reporter: Ken Giusti
            Assignee: Ken Giusti
            Priority: Blocker
             Fix For: 0.10
pn_read_frame in framing.c does not validate the doff with respect to the frame size. If doff is corrupt, proton will still attempt to parse the frame. This can result in a crash. I consider this a blocker as an attacker can craft a bad frame that results in crashing the receiver.

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
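The validation the report asks for, shown as an added example written for this page and not taken from Proton's framing.c: a minimal AMQP 1.0 frame-header reader that checks the data offset (doff) against the frame size before the body is located. The header layout (4-byte size, 1-byte doff in 4-byte words, 1-byte type, 2-byte channel) and the doff minimum of 2 come from the AMQP 1.0 frame format; the max_frame_size parameter, the DEMO_MAX_FRAME value and the sample frames are assumptions constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not Qpid Proton's pn_read_frame. Parses one AMQP 1.0 frame
 * header and refuses to locate the body when doff is inconsistent with size. */

#define AMQP_FRAME_HEADER_SIZE 8u   /* SIZE(4) DOFF(1) TYPE(1) CHANNEL(2) */
#define AMQP_MIN_DOFF          2u   /* doff is in 4-byte words; the 8-byte header alone is 2 */
#define DEMO_MAX_FRAME     65536u   /* assumed negotiated max-frame-size for the demo */

typedef enum { FRAME_OK, FRAME_INCOMPLETE, FRAME_MALFORMED } frame_status_t;

typedef struct {
    uint32_t size;          /* total frame size in bytes, header included */
    uint8_t  doff;          /* data offset in 4-byte words */
    uint8_t  type;          /* 0 = AMQP frame, 1 = SASL frame */
    uint16_t channel;
    const uint8_t *ext;     /* extended header: doff*4 - 8 bytes */
    size_t   ext_size;
    const uint8_t *body;    /* frame body: size - doff*4 bytes */
    size_t   body_size;
} amqp_frame_t;

/* Returns FRAME_INCOMPLETE when more input is needed, FRAME_MALFORMED when the
 * header is inconsistent (the peer should be disconnected), FRAME_OK otherwise.
 * max_frame_size is the limit negotiated on open (assumption: caller supplies it). */
frame_status_t amqp_read_frame(const uint8_t *buf, size_t available,
                               uint32_t max_frame_size, amqp_frame_t *out)
{
    if (available < AMQP_FRAME_HEADER_SIZE) return FRAME_INCOMPLETE;

    uint32_t size = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                    ((uint32_t)buf[2] << 8)  |  (uint32_t)buf[3];
    uint8_t doff = buf[4];

    /* Consistency checks run before waiting for the full frame, so a hostile
     * peer can neither make us buffer an absurd size nor read past the frame. */
    if (size < AMQP_FRAME_HEADER_SIZE || size > max_frame_size) return FRAME_MALFORMED;
    if (doff < AMQP_MIN_DOFF) return FRAME_MALFORMED;
    size_t header_bytes = (size_t)doff * 4;
    if (header_bytes > size) return FRAME_MALFORMED;   /* the doff-vs-size check PROTON-976 describes as missing */

    if (available < size) return FRAME_INCOMPLETE;

    out->size      = size;
    out->doff      = doff;
    out->type      = buf[5];
    out->channel   = (uint16_t)(((uint16_t)buf[6] << 8) | buf[7]);
    out->ext       = buf + AMQP_FRAME_HEADER_SIZE;
    out->ext_size  = header_bytes - AMQP_FRAME_HEADER_SIZE;
    out->body      = buf + header_bytes;
    out->body_size = size - header_bytes;
    return FRAME_OK;
}

/* Constructed sample: well-formed, size 16, doff 3 (one extended-header word), channel 5, 4-byte body. */
static const uint8_t GOOD_FRAME[16] = {
    0x00, 0x00, 0x00, 0x10, 0x03, 0x00, 0x00, 0x05,
    0xaa, 0xbb, 0xcc, 0xdd,             /* extended header */
    0x01, 0x02, 0x03, 0x04 };           /* body */

/* Constructed sample: same 16-byte frame, but doff 0xff claims a 1020-byte header. */
static const uint8_t BAD_DOFF_FRAME[16] = {
    0x00, 0x00, 0x00, 0x10, 0xff, 0x00, 0x00, 0x05,
    0xaa, 0xbb, 0xcc, 0xdd, 0x01, 0x02, 0x03, 0x04 };

/* Constructed sample: doff 1 is below the minimum of 2. */
static const uint8_t LOW_DOFF_FRAME[8] = { 0x00, 0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00 };

frame_status_t classify(const uint8_t *buf, size_t len)
{
    amqp_frame_t f;
    return amqp_read_frame(buf, len, DEMO_MAX_FRAME, &f);
}

/* Parsed body length of GOOD_FRAME, or -1 if it does not parse. */
long good_frame_body_size(void)
{
    amqp_frame_t f;
    if (amqp_read_frame(GOOD_FRAME, sizeof GOOD_FRAME, DEMO_MAX_FRAME, &f) != FRAME_OK) return -1;
    return (long)f.body_size;
}

/* Parsed channel of GOOD_FRAME, or -1 if it does not parse. */
int good_frame_channel(void)
{
    amqp_frame_t f;
    if (amqp_read_frame(GOOD_FRAME, sizeof GOOD_FRAME, DEMO_MAX_FRAME, &f) != FRAME_OK) return -1;
    return (int)f.channel;
}

int main(void)
{
    static const char *names[] = { "ok", "incomplete", "malformed" };
    printf("good frame:     %s (body %ld bytes, channel %d)\n",
           names[classify(GOOD_FRAME, sizeof GOOD_FRAME)], good_frame_body_size(), good_frame_channel());
    printf("doff 0xff:      %s\n", names[classify(BAD_DOFF_FRAME, sizeof BAD_DOFF_FRAME)]);
    printf("doff 1:         %s\n", names[classify(LOW_DOFF_FRAME, sizeof LOW_DOFF_FRAME)]);
    printf("truncated good: %s\n", names[classify(GOOD_FRAME, 12)]);
    return 0;
}
```

The order of the checks is the point: the doff and size comparisons use only the 8 header bytes, so a crafted header is rejected before the reader either waits for more input or computes a body pointer from an offset that lies outside the frame.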