[MDEV-39219] Buffer overflow in PROXY protocol header v1 parsing - Jira

XML

Word

Printable

Details

Type: Bug
Status: Open (View Workflow)
Priority: Critical
Resolution: Unresolved
Affects Version/s: 10.11
Fix Version/s: 10.11
Component/s: Protocol
Labels:
- contribution

Description

There is a buffer overflow issue in the PROXY protocol v1 header parsing (parse_proxy_protocol_header()).

The loop that reads the v1 header could fill the entire buffer and then add a null terminator past the boundary, which leads to an off-by-one overflow.

Attachments

Activity

People

Assignee:: Georgi Kodinov

Reporter:: Georgi Kodinov

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2 days ago 08:21

Updated:: 2 days ago 08:21

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.