Dnia 2015-02-26, czw o godzinie 01:38 +0100, Matěj Cepl pisze: > could anybody confirm that > http://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/ >
As you can see at https://github.com/jabberd2/jabberd2/blob/f6225f9cc5af93835285a0a788479978d271ee38/sx/io.c#L64 stanza_size_limit is enforced on unencrypted/uncompressed bare stanza data. So if the lower layer (sx compress plugin) feeds too much data, the connection is torn down. -- /o__ Q: How do you stop an elephant from charging? (_<^' A: Take away his credit cards.