You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Charles E. Rolke (Jira)" <ji...@apache.org> on 2020/03/06 22:15:00 UTC

[jira] [Created] (DISPATCH-1589) Policy integer settings not properly checked for overflow

Charles E. Rolke created DISPATCH-1589:
------------------------------------------

             Summary: Policy integer settings not properly checked for overflow
                 Key: DISPATCH-1589
                 URL: https://issues.apache.org/jira/browse/DISPATCH-1589
             Project: Qpid Dispatch
          Issue Type: Bug
          Components: Policy Engine
    Affects Versions: 1.10.0
            Reporter: Charles E. Rolke
            Assignee: Charles E. Rolke


in config code policy maxFrameSize are treated as a 64-bit integer. When processed by policy code only the bottom 32 bits are placed into a signed 32-bit integer and then checked for a value > 0 at run time.

A config file with:

{{    "maxFrameSize": 3000000000}}

will set the internal policy value to

{{    maxFrameSize: -1294967296}}

Since this value is negative policy code uses the default value.

If policy is using only 31 bits then the policy compilers should reject values that don't fit in 31 bits.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org