From f457cc314c6bc692731a87e8fed86d049e7c66c6 Mon Sep 17 00:00:00 2001
From: Gordon Sim <gsim@apache.org>
Date: Tue, 13 Jan 2015 10:25:15 +0000
Subject: QPID-6310: check validity of ranges when decoding sequence set

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1651321 13f79535-47bb-0310-9956-ffa450edef68
---
 qpid/cpp/src/qpid/framing/SequenceSet.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'qpid/cpp')

diff --git a/qpid/cpp/src/qpid/framing/SequenceSet.cpp b/qpid/cpp/src/qpid/framing/SequenceSet.cpp
index 72fcd8a9e2..845bf8bfae 100644
--- a/qpid/cpp/src/qpid/framing/SequenceSet.cpp
+++ b/qpid/cpp/src/qpid/framing/SequenceSet.cpp
@@ -54,7 +54,11 @@ void SequenceSet::decode(Buffer& buffer)
         throw IllegalArgumentException(QPID_MSG("Invalid size for sequence set: " << size)); 
 
     for (uint16_t i = 0; i < count; i++) {
-        add(SequenceNumber(buffer.getLong()), SequenceNumber(buffer.getLong()));
+        SequenceNumber a(buffer.getLong());
+        SequenceNumber b(buffer.getLong());
+        if (b < a)
+            throw IllegalArgumentException(QPID_MSG("Invalid range in sequence set: " << a << " -> " << b));
+        add(a, b);
     }
 }
 
-- 
cgit v1.2.1