< Previous by Date	Date Index	Next by Date >
	Thread Index	Next in Thread >

[reSIProcate] Unsafe use of Content-Length in ConnectionBase

From: Byron Campen <bcampen@xxxxxxxxxxxx>
Date: Tue, 29 Aug 2006 16:04:55 -0500

ConnectionBase uses header(h_ContentLength) without a try block intwo places. If Content-Length is malformed, we could end up withstrange behavior (I haven't dug very deep into precisely howstrange). Recommend we wrap these in try, and if something goeswrong, scrap the connection.


Best regards,
Byron Campen

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Follow-Ups:
- Re: [reSIProcate] Unsafe use of Content-Length in ConnectionBase
  - From: Byron Campen

Prev by Date: Re: [reSIProcate] Is compact form of header field name supported?
Next by Date: [reSIProcate] To DUM or not to DUM that is the question
Previous by thread: Re: [reSIProcate] Is compact form of header field name supported?
Next by thread: Re: [reSIProcate] Unsafe use of Content-Length in ConnectionBase
Index(es):
- Date
- Thread