netty5

History

Hylke van der Schaaf 2f4f7135fb Validate fixed header bits in MQTT (#11389 ) Motivation: The MQTT spec states that the bits in the fixed header must be set to specific values depending on message type. If a client sends a message with the wrong bits, the server must treat the message as malformed. Netty did not check the value of the reserved bits in the fixed header. See: MQTT3.1.1: http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/errata01/os/mqtt-v3.1.1-errata01-os-complete.html#_Toc442180835 MQTT 5.0: https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901023 Modification: Add validation checks to MqttDecoder.java Add unit tests to MqttCodecTest.java Fixed two instances where messages were generated for other unit tests with an incorrect fixed header. Result: Fixes #11379.	2021-06-16 14:59:15 +02:00
..
src	Validate fixed header bits in MQTT (#11389 )	2021-06-16 14:59:15 +02:00
pom.xml	[maven-release-plugin] prepare for next development iteration	2021-05-19 12:09:18 +00:00

Hylke van der Schaaf 2f4f7135fb

Validate fixed header bits in MQTT (#11389 )

Motivation:
The MQTT spec states that the bits in the fixed header must be set to specific values depending on message type. If a client sends a message with the wrong bits, the server must treat the message as malformed. Netty did not check the value of the reserved bits in the fixed header.

See:
MQTT3.1.1: http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/errata01/os/mqtt-v3.1.1-errata01-os-complete.html#_Toc442180835
MQTT 5.0: https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901023


Modification:
Add validation checks to MqttDecoder.java
Add unit tests to MqttCodecTest.java 
Fixed two instances where messages were generated for other unit tests with an incorrect fixed header.

Result:
Fixes #11379.

2021-06-16 14:59:15 +02:00

src

Validate fixed header bits in MQTT (#11389 )

2021-06-16 14:59:15 +02:00

pom.xml

[maven-release-plugin] prepare for next development iteration

2021-05-19 12:09:18 +00:00