You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ignite.apache.org by ak...@apache.org on 2018/04/12 07:56:57 UTC

ignite git commit: IGNITE-8201 Added check for token len.

Repository: ignite
Updated Branches:
  refs/heads/ignite-8201 3316080a6 -> bc20f7827


IGNITE-8201 Added check for token len.


Project: http://git-wip-us.apache.org/repos/asf/ignite/repo
Commit: http://git-wip-us.apache.org/repos/asf/ignite/commit/bc20f782
Tree: http://git-wip-us.apache.org/repos/asf/ignite/tree/bc20f782
Diff: http://git-wip-us.apache.org/repos/asf/ignite/diff/bc20f782

Branch: refs/heads/ignite-8201
Commit: bc20f78270591eac5661db85018c07a83c5cb28b
Parents: 3316080
Author: Alexey Kuznetsov <ak...@apache.org>
Authored: Thu Apr 12 14:56:48 2018 +0700
Committer: Alexey Kuznetsov <ak...@apache.org>
Committed: Thu Apr 12 14:56:48 2018 +0700

----------------------------------------------------------------------
 .../rest/protocols/http/jetty/GridJettyRestHandler.java     | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ignite/blob/bc20f782/modules/rest-http/src/main/java/org/apache/ignite/internal/processors/rest/protocols/http/jetty/GridJettyRestHandler.java
----------------------------------------------------------------------
diff --git a/modules/rest-http/src/main/java/org/apache/ignite/internal/processors/rest/protocols/http/jetty/GridJettyRestHandler.java b/modules/rest-http/src/main/java/org/apache/ignite/internal/processors/rest/protocols/http/jetty/GridJettyRestHandler.java
index 1afdae1..99a8844 100644
--- a/modules/rest-http/src/main/java/org/apache/ignite/internal/processors/rest/protocols/http/jetty/GridJettyRestHandler.java
+++ b/modules/rest-http/src/main/java/org/apache/ignite/internal/processors/rest/protocols/http/jetty/GridJettyRestHandler.java
@@ -879,8 +879,13 @@ public class GridJettyRestHandler extends AbstractHandler {
         String sesTokStr = (String)params.get("sessionToken");
 
         try {
-            if (sesTokStr != null)
-                restReq.sessionToken(U.hexString2ByteArray(sesTokStr));
+            if (sesTokStr != null) {
+                // Token is a UUID encoded as 16 bytes as HEX.
+                byte[] bytes = U.hexString2ByteArray(sesTokStr);
+
+                if (bytes.length == 16)
+                    restReq.sessionToken(bytes);
+            }
         }
         catch (IllegalArgumentException ignored) {
             // Ignore invalid session token.