[ https://issues.apache.org/jira/browse/PROTON-771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14242115#comment-14242115 ]
ASF subversion and git services commented on PROTON-771: -------------------------------------------------------- Commit d8e99db54449f22ea2b77c2d9ee4203c9f049e45 in qpid-proton's branch refs/heads/master from [~astitcher] [ https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=d8e99db ] PROTON-771: Validate performative against frame type > AMQP and SASL performatives are not validated against correct frame type > ------------------------------------------------------------------------ > > Key: PROTON-771 > URL: https://issues.apache.org/jira/browse/PROTON-771 > Project: Qpid Proton > Issue Type: Bug > Components: proton-c > Reporter: Andrew Stitcher > Assignee: Andrew Stitcher > > The protocol processing logic for proton does not currently validate that > amqp and sasl performatives actually have the correct frame type. In fact the > current code completely ignores the frame type. > This really only means that it will accept some invalid protocol sequences > and treat them as valid ones, it doesn't allow any security exploits in > itself. -- This message was sent by Atlassian JIRA (v6.3.4#6332)