24 - Malformed contents can crash server in Direct Mode
Reported by pieterh (1223550782|%O ago)
In OpenAMQ/1.3b0 the content class "wire get" method does not properly check the size of the encoded message, allowing bad/evil clients to crash the server. To reproduce this, one sends a malformed content:
[nnnn] size of following message data, in network order
[n][exchange] exchange name (AMQP short string), only on feed
[n][routing key] routing key (AMQP short string)
[ff][property...] header flags + properties (AMQP format)
[bbbb][body] **** method does not check that 'bbbb' makes sense ****
No files attached to this page.
Edit | Files | Tags | Print
Who's following this issue?
Submitted by pieterh
Use one of these tags to say what kind of issue it is:
- issue - a fault in the software or the packaging or the documentation.
- change - a change or feature request.
Use one of these tags to say what state the issue is in:
- open - a new, open issue.
- closed - issue has been closed.
- rejected - the issue has been rejected.
Use one of these tags to say how urgent the issue is:
- fatal - the issue is stopping all work.
- urgent - it's urgent.