<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Hi,<br>
</p>
You can always open a pull request at
<a class="moz-txt-link-freetext" href="https://github.com/DOCGroup/ACE_TAO">https://github.com/DOCGroup/ACE_TAO</a> with the proposed fixes for
review.<br>
<br>
Best regards,<br>
<pre class="moz-signature" cols="72">Johnny Willemsen
Remedy IT
Postbus 81 | 6930 AB Westervoort | The Netherlands
<a class="moz-txt-link-freetext" href="http://www.remedy.nl">http://www.remedy.nl</a>
</pre>
<div class="moz-cite-prefix">On 05/30/2017 10:55 AM, Electric Worry
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CABZPTZRcLDgV3610V_QvTJTukjdXZBpBPAC32awx7ySYTj=tjQ@mail.gmail.com">
<div dir="ltr">
<div>
<div>
<div>
<div>
<div>Hello,<br>
<br>
</div>
I've been doing some testing of TAO's resilience against
malicious input and I think I've found a minor issue
that might warrant some attention. It appears to only be
a null pointer dereference, so is probably not
exploitable, but it can cause a denial of service.<br>
<br>
</div>
I've just been testing against the MessengerServer from
the Dev Guide Examples, but I believe this issue would be
applicable against any application that uses TAO in a
similar way.<br>
<br>
</div>
Rather than divulge details here, is there anyone I can
discuss this with directly to ascertain whether this is an
issue, and if so to allow for appropriate fixes to be
applied?<br>
<br>
</div>
Thanks.</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
tao-bugs mailing list
<a class="moz-txt-link-abbreviated" href="mailto:tao-bugs@list.isis.vanderbilt.edu">tao-bugs@list.isis.vanderbilt.edu</a>
<a class="moz-txt-link-freetext" href="http://list.isis.vanderbilt.edu/cgi-bin/mailman/listinfo/tao-bugs">http://list.isis.vanderbilt.edu/cgi-bin/mailman/listinfo/tao-bugs</a></pre>
</blockquote>
<br>
</body>
</html>