mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <elecha...@gmail.com>
Subject Re: Mina SSL buffer expansion bug (and patch)
Date Thu, 21 Jan 2016 14:46:20 GMT
Le 20/01/16 19:49, Emmanuel Lécharny a écrit :
> Le 20/01/16 19:33, Emmanuel Lécharny a écrit :
>> Le 20/01/16 17:01, Radovan Semancik a écrit :
>>> Hello,
>>>
>>> Working with Apache Directory API while getting Active Directory
>>> schema over SSL uncovered a bug in Mina 2 code. The attempt to read
>>> the data ended up in endless loop caused by consecutive overflows from
>>> the SSL engine. What is worse, no indication of this condition was
>>> passed to the client. The patch is attached.
>>>
>> Thanks a lot Radovan !
>>
>> I'll apply the patch and cut a release ASAP.
> A minor change : we don't need to expand the buffer, it's already at the
> max possible size.
>
> ...
>                 int newCapacity =
> sslEngine.getSession().getApplicationBufferSize();
>                
>                 if (appBuffer.remaining() >= newCapacity) {
>                     // The buffer is already larger than the max buffer
> size suggested by the SSL engine.
>                     // Raising it any more will not make sense and it
> will end up in an endless loop. Throwing an error is safer
>                     throw new SSLException("SSL buffer overflow");
>                 }
>
>                 appBuffer.capacity(newCapacity);
>                 appBuffer.limit(appBuffer.capacity());
>                 continue;
> ...
I was wrong. Radovan's original patch is the right one : the appBuffer
must be expanded.


Mime
View raw message