[
https://issues.apache.org/jira/browse/SSHD-794?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Goldstein Lyor resolved SSHD-794.
---------------------------------
Resolution: Duplicate
Fix Version/s: 1.4.0
0.14.0 is a very (very) old version which we no longer support. As you have
mentioned, the current version (1.6.0) and the soon to be released (1.7) do not
have this issue (a.k.a. SSHD-701). Please use them - we do not have a policy of
backpatching old versions due to lack of manpower (not to mention the version
hell it entails). However, if you absolutely MUST use 0.14.0, you can clone the
code and patch it according to the fix in the official release...
> AbstractChannel.handleWindowAdjust(...) / Window.expand() don't check for
> integer overflow
> ------------------------------------------------------------------------------------------
>
> Key: SSHD-794
> URL: https://issues.apache.org/jira/browse/SSHD-794
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 0.14.0
> Environment: Any.
> Reporter: Curd Reinert
> Fix For: 1.4.0
>
>
> In AbstractChannel.handleWindowAdjust(Buffer), the window size is read from
> the buffer and passed to the window. In Window.expand(int), the window is
> added to the current size. If the current size is > 0 and the maximum allowed
> window adjustment (2^31 -1) is passed, size will become negative. This causes
> a loop when trying to read from / write to this channel which cosumes one
> processor core.
> The resulting size should be checked to be > 0.
> I see that this has been done for the 1.x release. Any chance that this can
> be fixed in 0.15?
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
