Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.6.0, 12.0.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.1.0, 12.0.0 HF1, 11.6.1
Opened: Sep 03, 2015 Severity: 3-Major
when a session variable value contains "0x" (for example 'value0x not encoded'), apd process treat the value as HEX-encoded and tries to decode it. decoding the not-encoded string causes apd to crash
apd crash
session variable contains substring "0x"
None
With this release: 1. Only values starting from 0x are treated as hex-encoded. 2. If hex decoding fails, apd does not crash.