Andrew Stitcher created PROTON-771:
--------------------------------------
Summary: AMQP and SASL performatives are not validated against
correct frame type
Key: PROTON-771
URL: https://issues.apache.org/jira/browse/PROTON-771
Project: Qpid Proton
Issue Type: Bug
Components: proton-c
Reporter: Andrew Stitcher
Assignee: Andrew Stitcher
The protocol processing logic for proton does not currently validate that amqp
and sasl performatives actually have the correct frame type. In fact the
current code completely ignores the frame type.
This really only means that it will accept some invalid protocol sequences and
treat them as valid ones, it doesn't allow any security exploits in itself.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
