Uploaded image for project: 'Hot Rod Native client'
  1. Hot Rod Native client
  2. HRCPP-434

Passing invalid client certificate results in System.AccessViolationException

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 8.2.0.Beta1
    • None
    • .NET
    • None

      When passing an invalid (malicious) client certificate to the C# HotRod client, it throws the following error when calling .getCache on the RemoteCacheManager. I suppose it should throw HotRodClientException.

       System.AccessViolationException : Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
4:    at Infinispan.HotRod.SWIGGen.hotrodcsPINVOKE.new_RemoteCacheManager__SWIG_4(HandleRef jarg1, Boolean jarg2)
4:    at Infinispan.HotRod.SWIGGen.RemoteCacheManager..ctor(Configuration configuration, Boolean start) in Y:\build_windows\swig\RemoteCacheManager.cs:line 96
4:    at Infinispan.HotRod.RemoteCacheManager..ctor(Configuration configuration, Boolean start) in Y:\src\main\cs\Infinispan\HotRod\RemoteCacheManager.cs:line 62
4:    at Infinispan.HotRod.Tests.SSLTest.ConfigureSecuredCaches(String serverCAFile, String clientCertFile, String sni) in Y:\src\test\cs\Infinispan\HotRod\SSLTest.cs:line 82
4:    at Infinispan.HotRod.Tests.SSLTest.ClientAuthFailureTest() in Y:\src\test\cs\Infinispan\HotRod\SSLTest.cs:line 39
4:
4:
4: PFXImportCertStore failed. hr=0x56

        1. malicious_client.p12
          3 kB

              vrigamon@redhat.com Vittorio Rigamonti
              mgencur Martin Gencur
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: