[jboss-jira] [JBoss JIRA] (WFLY-5367) Possible ArrayIndexOutOfBoundsException in HTTP2 HPACK implementation
Jan Stourac (JIRA)
issues at jboss.org
Fri Sep 18 10:03:00 EDT 2015
[ https://issues.jboss.org/browse/WFLY-5367?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Stourac moved JBEAP-1112 to WFLY-5367:
------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-5367 (was: JBEAP-1112)
Workflow: GIT Pull Request workflow (was: CDW v1)
Component/s: Web (Undertow)
(was: Web (Undertow))
Target Release: (was: 7.0.0.GA)
Affects Version/s: 10.0.0.CR1
(was: 7.0.0.DR10 (Alpha))
> Possible ArrayIndexOutOfBoundsException in HTTP2 HPACK implementation
> ---------------------------------------------------------------------
>
> Key: WFLY-5367
> URL: https://issues.jboss.org/browse/WFLY-5367
> Project: WildFly
> Issue Type: Bug
> Components: Web (Undertow)
> Affects Versions: 10.0.0.CR1
> Reporter: Jan Stourac
> Assignee: Stuart Douglas
>
> When decoding really huge number via [Hpack.decodeInteger()|https://github.com/undertow-io/undertow/blob/90789748d3b493d7a233a4ef5ba8ae33032c1543/core/src/main/java/io/undertow/protocols/http2/Hpack.java#L150] there is possible ArrayIndexOutOfBoundsException caused by unchecked index variable "m" into array on [this line|https://github.com/undertow-io/undertow/blob/90789748d3b493d7a233a4ef5ba8ae33032c1543/core/src/main/java/io/undertow/protocols/http2/Hpack.java#L175] .
> There should be some check that "m" is not greater than PREFIX_TABLE.length-1.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list