You are viewing a plain text version of this content. The canonical link for it is here.

Posted to proton@qpid.apache.org by "Ken Giusti (JIRA)" <ji...@apache.org> on 2014/03/17 15:51:43 UTC

[jira] [Created] (PROTON-537) [proton-c] Pointer corruption in SSL buffer handling logic.

Ken Giusti created PROTON-537:
---------------------------------

             Summary: [proton-c] Pointer corruption in SSL buffer handling logic.
                 Key: PROTON-537
                 URL: https://issues.apache.org/jira/browse/PROTON-537
             Project: Qpid Proton
          Issue Type: Bug
            Reporter: Ken Giusti


Found by running Coverity Scan.

If the application's input buffer is too small, the SSL layer will expand it as necessary.  During the expansion the data tracking pointer is not reset to the new memory buffer, causing a de-reference of an invalid pointer.




--
This message was sent by Atlassian JIRA
(v6.2#6252)