qpid-proton mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Margarita (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (PROTON-560) Failing to transfer messages more than 4kB via AMQPS
Date Mon, 14 Apr 2014 13:56:18 GMT

    [ https://issues.apache.org/jira/browse/PROTON-560?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13968373#comment-13968373
] 

Margarita commented on PROTON-560:
----------------------------------

The problem is in openssl.c:805 function process_input_ssl
While decoding and collecting large data stream from different frame one of the helper pointers
is not reinitialized and points to invalid memory region. Despite that memmove operation is
done on it (see comments with prefix  // PROTON-560):

if (!ssl->app_input_closed) {
      char *data = ssl->inbuf;                             // PROTON-560: data points 
      if (ssl->in_count > 0 || ssl->ssl_closed) {  /* if ssl_closed, send 0 count
*/
        pn_io_layer_t *io_next = ssl->io_layer->next;
        ssize_t consumed = io_next->process_input( io_next, data, ssl->in_count);
        if (consumed > 0) {
          ssl->in_count -= consumed;
          data += consumed;                                 
          work_pending = true;
          _log( ssl, "Application consumed %d bytes from peer\n", (int) consumed );
        } else if (consumed < 0) {
          _log(ssl, "Application layer closed its input, error=%d (discarding %d bytes)\n",
               (int) consumed, (int)ssl->in_count);
          ssl->in_count = 0;    // discard any pending input
          ssl->app_input_closed = consumed;
          if (ssl->app_output_closed && ssl->out_count == 0) {
            // both sides of app closed, and no more app output pending:
            start_ssl_shutdown(ssl);
          }
        } else {
          // app did not consume any bytes, must be waiting for a full frame
          if (ssl->in_count == ssl->in_size) {
            // but the buffer is full, not enough room for a full frame.
            // can we grow the buffer?
            uint32_t max_frame = pn_transport_get_max_frame(ssl->transport);
            if (!max_frame) max_frame = ssl->in_size * 2;  // no limit
            if (ssl->in_size < max_frame) {
              // no max frame limit - grow it.
              char *newbuf = (char *)malloc( max_frame );  // PROTON-560: extending buffer
here
              if (newbuf) {
                ssl->in_size *= max_frame;
                memmove( newbuf, ssl->inbuf, ssl->in_count );
                free( ssl->inbuf );
                ssl->inbuf = newbuf;                      // PROTON-560: 'data' ptr becomes
invalid
              }
              work_pending = true;  // can we get more input?
            } else {
              // can't gather any more input, but app needs more?
              // This is a bug - since SSL can buffer up to max-frame,
              // the application _must_ have enough data to process.  If
              // this is an oversized frame, the app _must_ handle it
              // by returning an error code to SSL.
              _log_error("Error: application unable to consume input.\n");
            }
          }
        }
      }
      if (ssl->in_count > 0 && data != ssl->inbuf)
        memmove( ssl->inbuf, data, ssl->in_count );      // PROTON-560: 'data' ptr is
used !
    }

The changes to fix bug:
             char *newbuf = (char *)malloc( max_frame );
              if (newbuf) {
                ssl->in_size = max_frame;                              // instead of ssl->in_size
*= max_frame;
                memmove( newbuf, ssl->inbuf, ssl->in_count );
                free( ssl->inbuf );
                ssl->inbuf = newbuf;
                data = ssl->inbuf;                                          //added
              }

> Failing to transfer messages more than 4kB via AMQPS
> ----------------------------------------------------
>
>                 Key: PROTON-560
>                 URL: https://issues.apache.org/jira/browse/PROTON-560
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: 0.6
>         Environment: Fedora 64bit
>            Reporter: Margarita
>            Assignee: Ken Giusti
>
> We are using qpid-proton to transfer messages via SSL (AMQPS). While creating messages
larger than 4 kB we get error SSL Failure[-2]: Unknown Error.
> Does qpid-proton handle large message?



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message