** Description changed:

  [Impact]
+ Remote clients can cause the broker to crash, meaning a DoS for other 
clients. The bug is caused by a double free() so no chance of buffer overrun or 
other security issue.
  
  [Fix]
+ Remove the incorrect memory free call.
  
  [Test Case]
  
  [Regression Potential]
+ This case is now tested for as part of the continuous integration testing of 
upstream.
  
  [Original Report]
  Hi!
  
  I'm developing my own MQTT library and I'm testing with Mosquitto
  Broker. If I use 0x02 instead of 0x03 as version of protocol, Mosquitto
  crashes:
  
  1333455622: New connection from 192.168.10.114.
  1333455622: Invalid protocol version 2 in CONNECT from 192.168.10.114.
  1333455622: Socket read error on client (null), disconnecting.
  *** glibc detected *** /usr/local/sbin/mosquitto: malloc(): smallbin double 
linked list corrupted: 0x018a83f8 ***
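Review bot: [Test Case] is left empty by this change, although the original report quoted under it already gives the reproduction (a CONNECT with protocol version 0x02 instead of 0x03, followed by the glibc abort). Record that there, together with the expected result after the fix: the "Invalid protocol version" disconnect is logged and the broker keeps running. In [Impact], the statement that a double free() leaves no chance of another security issue is stronger than the quoted log supports, since glibc reports a corrupted allocator list; consider stating only the confirmed impact (a remote client can crash the broker) and dropping the exclusion.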

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/972389

Title:
  Mosquitto crashes using bad version of protocol
