[ https://issues.apache.org/jira/browse/PROTON-611?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14093435#comment-14093435 ]
Andrew Stitcher commented on PROTON-611: ---------------------------------------- This is issue should now be fixed (with an extended change based on the patch here). However it raises a larger issue of why there are so many different pieces of buffer code in Proton. It seems that this code might better use pn_buffer_t for its buffer management and this would avoid the entire probelm. > [proton-c] transport buffer increased to peer's max frame size if initial > output_size is not enough > --------------------------------------------------------------------------------------------------- > > Key: PROTON-611 > URL: https://issues.apache.org/jira/browse/PROTON-611 > Project: Qpid Proton > Issue Type: Bug > Components: proton-c > Affects Versions: 0.7 > Reporter: Dominic Evans > Assignee: Andrew Stitcher > Fix For: 0.8 > > Attachments: 20_fix_bad_malloc_in_transport_produce.patch > > > transport_produce attempts to allocate a negatively sized buffer > As soon as remote_max_frame is set, the code in transport_produce attempts to > increase its buffer immediately up to that size when its initial size isn't > enough. This causes a huge malloc to occur if the remote max frame size is > large and also potentially overflows MAX_INT -- This message was sent by Atlassian JIRA (v6.2#6252)