From 3f853420dc4af614f18370549358052f80fab4b1 Mon Sep 17 00:00:00 2001
From: Alan Conway <aconway@apache.org>
Date: Wed, 2 Feb 2011 22:15:01 +0000
Subject: QPID-3033 Bug 674183 - Segmentation fault while processing
 session.attach

If a faulty client sent invalid frames to a connection that was not
yet in the open state, the broker would core dump.

The fix is to close the connection with a 'framing-error' in this case.

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1066661 13f79535-47bb-0310-9956-ffa450edef68
---
 cpp/src/qpid/broker/Connection.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'cpp')

diff --git a/cpp/src/qpid/broker/Connection.cpp b/cpp/src/qpid/broker/Connection.cpp
index 82761ac7e4..460799280e 100644
--- a/cpp/src/qpid/broker/Connection.cpp
+++ b/cpp/src/qpid/broker/Connection.cpp
@@ -160,7 +160,10 @@ void Connection::received(framing::AMQFrame& frame) {
     if (frame.getChannel() == 0 && frame.getMethod()) {
         adapter.handle(frame);
     } else {
-        getChannel(frame.getChannel()).in(frame);
+        if (adapter.isOpen())
+            getChannel(frame.getChannel()).in(frame);
+        else
+            close(connection::CLOSE_CODE_FRAMING_ERROR, "Connection not yet open, invalid frame received.");
     }
 
     if (isLink) //i.e. we are acting as the client to another broker
-- 
cgit v1.2.1