Mosquitto crashes using bad version of protocol
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mosquitto |
Fix Released
|
High
|
Unassigned | ||
mosquitto (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
Undecided
|
Unassigned | ||
Quantal |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
Remote clients can cause the broker to crash, meaning a DoS for other clients. The bug is caused by a double free() so no chance of buffer overrun or other security issue.
[Fix]
Remove the incorrect memory free call.
[Test Case]
[Regression Potential]
This case is now tested for as part of the continuous integration testing of upstream.
[Original Report]
Hi!
I'm developing my own MQTT library and I'm testing with Mosquitto Broker. If I use 0x02 instead of 0x03 as version of protocol, Mosquitto crashes:
1333455622: New connection from 192.168.10.114.
1333455622: Invalid protocol version 2 in CONNECT from 192.168.10.114.
1333455622: Socket read error on client (null), disconnecting.
*** glibc detected *** /usr/local/
Changed in mosquitto: | |
milestone: | 0.16 → 1.0 |
Changed in mosquitto: | |
status: | Fix Committed → Fix Released |
description: | updated |
Changed in mosquitto (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in mosquitto (Ubuntu Quantal): | |
status: | New → Confirmed |
description: | updated |
tags: |
added: verification-done removed: removal-candidate verification-needed |
Thanks for the report, I can confirm the bug. It's a trivial fix, but I'm going to write a test for it before I make the commit.