[infinispan-issues] [JBoss JIRA] Created: (ISPN-1225) check the length of vint/vlong values in hotrod protocol
Michal Linhard (JIRA)
jira-events at lists.jboss.org
Mon Jul 11 07:48:23 EDT 2011
check the length of vint/vlong values in hotrod protocol
--------------------------------------------------------
Key: ISPN-1225
URL: https://issues.jboss.org/browse/ISPN-1225
Project: Infinispan
Issue Type: Bug
Components: Cache Server
Affects Versions: 5.0.0.CR7
Reporter: Michal Linhard
Assignee: Galder Zamarreño
Currently no check is done on the length of the VInt/VLong values that are transmitted in messages of Hot Rod protocol.
(the next byte is read until its MSB is 0)
We could limit the length of the VInt value to 5 bytes and VLong to 9 bytes and throw an exception like "stream corrupted" if the limit is exceeded, for the purposes of input data validation ...
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the infinispan-issues
mailing list