Andrew Stitcher created PROTON-771: -------------------------------------- Summary: AMQP and SASL performatives are not validated against correct frame type Key: PROTON-771 URL: https://issues.apache.org/jira/browse/PROTON-771 Project: Qpid Proton Issue Type: Bug Components: proton-c Reporter: Andrew Stitcher Assignee: Andrew Stitcher
The protocol processing logic for proton does not currently validate that amqp and sasl performatives actually have the correct frame type. In fact the current code completely ignores the frame type. This really only means that it will accept some invalid protocol sequences and treat them as valid ones, it doesn't allow any security exploits in itself. -- This message was sent by Atlassian JIRA (v6.3.4#6332)