View Issue Details

IDProjectCategoryView StatusLast Update
000303910000-006: MappingsSpecpublic2015-06-30 17:05
ReporterMatthias Damm Assigned ToRandy Armstrong  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version1.03 
Target Version1.03Fixed in Version1.03 
Summary0003039: Limit depth of recursion for variant arrays and diagnosticInfo?
Description

We must state in the spec that implementers must be aware of possible recursions and must protect against it.

Message size is not enough protection. It is easy to create stack overflows with typical messages sizes.

TagsNo tags attached.
Commit Version
Fix Due Date

Activities

Randy Armstrong

2015-06-25 19:38

administrator   ~0006180

Resolved in RC 1.03.13

Jim Luth

2015-06-30 16:56

administrator   ~0006182

We agreed in the review to require all UA stack decoders to support at least 100 levels of nesting. This will require all of our stacks to be updated to protect against stack crashes with payloads of high nesting levels.

Issue History

Date Modified Username Field Change
2015-04-17 07:42 Matthias Damm New Issue
2015-04-17 07:42 Matthias Damm Status new => assigned
2015-04-17 07:42 Matthias Damm Assigned To => Randy Armstrong
2015-06-25 19:38 Randy Armstrong Note Added: 0006180
2015-06-25 19:38 Randy Armstrong Status assigned => resolved
2015-06-25 19:38 Randy Armstrong Resolution open => fixed
2015-06-30 16:56 Jim Luth Note Added: 0006182
2015-06-30 16:56 Jim Luth Status resolved => closed
2015-06-30 16:56 Jim Luth Fixed in Version => 1.03
2015-06-30 16:57 Jim Luth Issue cloned: 0003106
2015-06-30 17:04 Jim Luth Issue cloned: 0003107
2015-06-30 17:05 Jim Luth Issue cloned: 0003108