Ken Giusti created PROTON-975:
---------------------------------

             Summary: crash occurs if buffer containing outcome and first 
encrypted frame is received
                 Key: PROTON-975
                 URL: https://issues.apache.org/jira/browse/PROTON-975
             Project: Qpid Proton
          Issue Type: Bug
          Components: proton-c
    Affects Versions: 0.10
            Reporter: Ken Giusti
            Priority: Blocker
             Fix For: 0.10


I'm hitting an occasional client crash when using an DIGEST-MD5 SASL mech to 
talk to the qpidd broker.

I've built the broker using the 0.10rc1 as the proton library.

I'm using a pyngus based client.  I will upload this reproducer.

Best I can tell, the client pushes a single buffer to the transport that 
contains both the SASL outcome frame from qpidd and the first encrypted frame.  
SASL does not handle this case correctly and attempts to parse the encrypted 
frame as cleartext.

I will open another bug against the frame decode to prevent parsing invalid 
frames.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to