Andrew Stitcher commented on PROTON-611:

This is issue should now be fixed (with an extended change based on the patch 

However it raises a larger issue of why there are so many different pieces of 
buffer code in Proton.

It seems that this code might better use pn_buffer_t for its buffer management 
and this would avoid the entire probelm.

> [proton-c] transport buffer increased to peer's max frame size if initial 
> output_size is not enough
> ---------------------------------------------------------------------------------------------------
>                 Key: PROTON-611
>                 URL: https://issues.apache.org/jira/browse/PROTON-611
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: 0.7
>            Reporter: Dominic Evans
>            Assignee: Andrew Stitcher
>             Fix For: 0.8
>         Attachments: 20_fix_bad_malloc_in_transport_produce.patch
> transport_produce attempts to allocate a negatively sized buffer
> As soon as remote_max_frame is set, the code in transport_produce attempts to 
> increase its buffer immediately up to that size when its initial size isn't 
> enough. This causes a huge malloc to occur if the remote max frame size is 
> large and also potentially overflows MAX_INT

This message was sent by Atlassian JIRA

Reply via email to