mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Trustin Lee (JIRA)" <j...@apache.org>
Subject [jira] Updated: (DIRMINA-454) Trivial denial of service in TextLineDecoder
Date Tue, 16 Oct 2007 06:18:50 GMT

     [ https://issues.apache.org/jira/browse/DIRMINA-454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Trustin Lee updated DIRMINA-454:
--------------------------------

        Fix Version/s: 1.0.7
                       1.1.4
             Assignee: Trustin Lee
    Affects Version/s:     (was: 1.1.2)
                       1.0.6
                       1.1.3

> Trivial denial of service in TextLineDecoder
> --------------------------------------------
>
>                 Key: DIRMINA-454
>                 URL: https://issues.apache.org/jira/browse/DIRMINA-454
>             Project: MINA
>          Issue Type: Bug
>          Components: Filter
>    Affects Versions: 1.0.6, 1.1.3
>            Reporter: Owen Jacobson
>            Assignee: Trustin Lee
>             Fix For: 1.1.4, 1.0.7
>
>         Attachments: no-dos.patch
>
>
> In both of TextLineDecoder's decoding methods, the decoder only checks the size of input
after it's found at least one line ending character.  Infinitely long streams of, say, 'y's
will cause the decoder to try to buffer up data until the JVM falls over.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message