[tao-bugs] Ability to crash service with invalid input

Johnny Willemsen jwillemsen at remedy.nl
Wed May 31 02:45:47 CDT 2017


> Is that what would be preferred? I don't want to publicly disclose
> details of a vulnerability in case it's used to affect users' services.
> Private disclosure might be better?

When you submit a pull request with the necessary fixes you don't have
to disclose how to misuse it, just contribute the change to fix it.


> On 30 May 2017 at 10:06, Johnny Willemsen <jwillemsen at remedy.nl> wrote:
>     Hi,
>     You can always open a pull request at
>     https://github.com/DOCGroup/ACE_TAO with the proposed fixes for
>     review.
>     Best regards,
>     Johnny Willemsen
>     Remedy IT
>     Postbus 81 | 6930 AB Westervoort | The Netherlands
>     http://www.remedy.nl
>     On 05/30/2017 10:55 AM, Electric Worry wrote:
>>     Hello,
>>     I've been doing some testing of TAO's resilience against malicious
>>     input and I think I've found a minor issue that might warrant some
>>     attention. It appears to only be a null pointer dereference, so is
>>     probably not exploitable, but it can cause a denial of service.
>>     I've just been testing against the MessengerServer from the Dev
>>     Guide Examples, but I believe this issue would be applicable
>>     against any application that uses TAO in a similar way.
>>     Rather than divulge details here, is there anyone I can discuss
>>     this with directly to ascertain whether this is an issue, and if
>>     so to allow for appropriate fixes to be applied?
>>     Thanks.