You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@qpid.apache.org by ac...@apache.org on 2011/02/02 23:15:02 UTC

svn commit: r1066661 - /qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp

Author: aconway
Date: Wed Feb  2 22:15:01 2011
New Revision: 1066661

URL: http://svn.apache.org/viewvc?rev=1066661&view=rev
Log:
QPID-3033 Bug 674183 - Segmentation fault while processing session.attach

If a faulty client sent invalid frames to a connection that was not
yet in the open state, the broker would core dump.

The fix is to close the connection with a 'framing-error' in this case.

Modified:
    qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp

Modified: qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp?rev=1066661&r1=1066660&r2=1066661&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp Wed Feb  2 22:15:01 2011
@@ -160,7 +160,10 @@ void Connection::received(framing::AMQFr
     if (frame.getChannel() == 0 && frame.getMethod()) {
         adapter.handle(frame);
     } else {
-        getChannel(frame.getChannel()).in(frame);
+        if (adapter.isOpen())
+            getChannel(frame.getChannel()).in(frame);
+        else
+            close(connection::CLOSE_CODE_FRAMING_ERROR, "Connection not yet open, invalid frame received.");
     }
 
     if (isLink) //i.e. we are acting as the client to another broker



---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:commits-subscribe@qpid.apache.org