delta/python-packages/qpid-python.git - git.apache.org: qpid.git

diff options

author	Andrew Stitcher <astitcher@apache.org>	2013-03-05 21:57:48 +0000
committer	Andrew Stitcher <astitcher@apache.org>	2013-03-05 21:57:48 +0000
commit	d25b2cb6664389091476b900965eccba0e2bbefb (patch)
tree	f80b474f861a8d13f461e90cdf87e7b4a85f0aea /qpid/cpp/src/tests/Selector.cpp
parent	dc600a0afc9dbb8fb53747cd1fc9794ae460d059 (diff)
download	qpid-python-d25b2cb6664389091476b900965eccba0e2bbefb.tar.gz

QPID-4629 Improve validation of received frames.

- Added checks to Buffer to ensure no buffer overruns occur; - Fixed an unsigned comparison error in the checking function. - Improved FieldValue decoding to check we've actually got data before allocating the space for it. - Disallowed large arrays (greater than 256 elements) of zero length elements - avoids potential memory exhaustion problems. [Fixes from Florian Weimer, Red Hat Product Security Team, lightly modified] This change fixes these vulnerabilities CVE-2012-4458 CVE-2012-4459 CVE-2012-4460 git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1453031 13f79535-47bb-0310-9956-ffa450edef68

Diffstat (limited to 'qpid/cpp/src/tests/Selector.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: