You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In lines 122 to 137 of the Oppends_poc.cpp file, if we specify a value that is too large for the PC to manage during DataReader's QoS settings, the process will be forced to shut down.
This issue seems similar with #4388, and it was answered with one word: The responsiblity of the user. However, since fatal memory leaks can occur, I think OpenDDS, like other DDS software, should have at least a minimum guide.
The text was updated successfully, but these errors were encountered:
Expected behavior
Process will exit or handle exceptions
Current Behavior
Process keeps trying to make DataReader, but it crash and got killed signal with high RAM usage, finally got exited with singal SIGKILL.
This allows a local attacker to cause a denial of service and obtain sensitive information via a crafted max_samples component.
Steps to produce
Download poc project below.
DataReaderQos_poc.zip
stdout:
In lines 122 to 137 of the
Oppends_poc.cpp
file, if we specify a value that is too large for the PC to manage during DataReader's QoS settings, the process will be forced to shut down.OpenDDS Version
b1c5340
Platform
Ubuntu 22.04
Additional context
This issue seems similar with #4388, and it was answered with one word:
The responsiblity of the user
. However, since fatal memory leaks can occur, I think OpenDDS, like other DDS software, should have at least a minimum guide.The text was updated successfully, but these errors were encountered: