On 26/02/15 11:32, Tomasz Sterna wrote:
> Dnia 2015-02-26, czw o godzinie 01:38 +0100, Matěj Cepl pisze:
>> could anybody confirm that
>> http://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/
>>
>
> As you can see at
> https://github.com/jabberd2/jabberd2/blob/f6225f9cc5af93835285a0a788479978d271ee38/sx/io.c#L64
> stanza_size_limit is enforced on unencrypted/uncompressed bare stanza data.
> So if the lower layer (sx compress plugin) feeds too much data, the
> connection is torn down.
Thanks. Bugs have been closed.
Matěj
--
http://www.ceplovi.cz/matej/, Jabber: mc...@ceplovi.cz
GPG Finger: 89EF 4BC6 288A BF43 1BAB 25C3 E09F EF25 D964 84AC
If Patrick Henry thought that taxation without representation was
bad, he should see how bad it is with representation.