| Log Message: |
QPID-4629 Improve validation of received frames.
- Added checks to Buffer to ensure no buffer overruns occur;
- Fixed an unsigned comparison error in the checking function.
- Improved FieldValue decoding to check we've actually got data
before allocating the space for it.
- Disallowed large arrays (greater than 256 elements) of zero length
elements - avoids potential memory exhaustion problems.
[Fixes from Florian Weimer, Red Hat Product Security Team, lightly
modified]
This change fixes these vulnerabilities
CVE-2012-4458
CVE-2012-4459
CVE-2012-4460
|