Andrey Slepykh created ARTEMIS-4706:
---------------------------------------
Summary: TAINTED_INT.LOOP.MIGHT possible loop freeze
Key: ARTEMIS-4706
URL: https://issues.apache.org/jira/browse/ARTEMIS-4706
Project: ActiveMQ Artemis
Issue Type: Bug
Components: ActiveMQ-Artemis-Native
Affects Versions: 2.25.0
Reporter: Andrey Slepykh
Assignee: Clebert Suconic
Attachments: Screenshot from 2024-03-30 12-16-32.png
Line <a
href=https://github.com/apache/activemq-artemis/blob/fb1b362b473cad51ae5d05a897be02b1fa8461d4/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/scram/ScramUtils.java#L60
target=_blank>60</a> declares a loop based on the "iterationsCount" variable.
But the variable is checked only for the minimum value and is not checked in
any way for the maximum, which can lead to a large computational load for the
program
!Screenshot from 2024-03-30 12-16-32.png!
Found by Linux Verification Center (portal.linuxtesting.ru) with SVACE.
Author: Firsov Vladimir.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
