You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by al...@apache.org on 2011/09/27 17:06:12 UTC
svn commit: r1176423 - in /jackrabbit/trunk:
jackrabbit-core/src/main/java/org/apache/jackrabbit/core/persistence/util/
jackrabbit-core/src/main/java/org/apache/jackrabbit/core/value/
jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/ ja...
Author: alexparvulescu
Date: Tue Sep 27 15:06:11 2011
New Revision: 1176423
URL: http://svn.apache.org/viewvc?rev=1176423&view=rev
Log:
JCR-3083 Degrade gracefully when reading invalid date values
Modified:
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/persistence/util/BundleReader.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/value/InternalValue.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/InternalBaselineImpl.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/InternalVersionImpl.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/persistence/util/BundleBindingTest.java
jackrabbit/trunk/jackrabbit-spi-commons/src/main/java/org/apache/jackrabbit/spi/commons/value/AbstractQValue.java
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/persistence/util/BundleReader.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/persistence/util/BundleReader.java?rev=1176423&r1=1176422&r2=1176423&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/persistence/util/BundleReader.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/persistence/util/BundleReader.java Tue Sep 27 15:06:11 2011
@@ -403,15 +403,21 @@ class BundleReader {
if (version >= BundleBinding.VERSION_3) {
val = InternalValue.valueOf(
readString(), entry.getType());
+ } else {
+ // because writeUTF(String) has a size limit of 64k,
+ // Strings are serialized as <length><byte[]>
+ int len = in.readInt();
+ byte[] bytes = new byte[len];
+ in.readFully(bytes);
+ String stringVal = new String(bytes, "UTF-8");
+
+ // https://issues.apache.org/jira/browse/JCR-3083
+ if (PropertyType.DATE == entry.getType()) {
+ val = InternalValue.createDate(stringVal);
} else {
- // because writeUTF(String) has a size limit of 64k,
- // Strings are serialized as <length><byte[]>
- int len = in.readInt();
- byte[] bytes = new byte[len];
- in.readFully(bytes);
- val = InternalValue.valueOf(
- new String(bytes, "UTF-8"), entry.getType());
+ val = InternalValue.valueOf(stringVal, entry.getType());
}
+ }
}
values[i] = val;
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/value/InternalValue.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/value/InternalValue.java?rev=1176423&r1=1176422&r2=1176423&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/value/InternalValue.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/value/InternalValue.java Tue Sep 27 15:06:11 2011
@@ -25,6 +25,7 @@ import java.math.BigDecimal;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Calendar;
+import java.util.TimeZone;
import javax.jcr.Binary;
import javax.jcr.PropertyType;
@@ -242,7 +243,7 @@ public class InternalValue extends Abstr
case PropertyType.PATH:
return new InternalValue(value.getPath());
case PropertyType.STRING:
- return new InternalValue(value.getString());
+ return new InternalValue(value.getString(), PropertyType.STRING);
default:
throw new IllegalArgumentException("illegal value");
}
@@ -289,7 +290,7 @@ public class InternalValue extends Abstr
* @return the created value
*/
public static InternalValue create(String value) {
- return new InternalValue(value);
+ return new InternalValue(value, PropertyType.STRING);
}
/**
@@ -315,6 +316,18 @@ public class InternalValue extends Abstr
public static InternalValue create(Calendar value) {
return new InternalValue(value);
}
+
+ /**
+ * https://issues.apache.org/jira/browse/JCR-3083
+ *
+ * @param value
+ * @return the created value
+ */
+ public static InternalValue createDate(String value) {
+ InternalValue iv = new InternalValue(Calendar.getInstance(TimeZone.getTimeZone("GMT+00:00")));
+ iv.val = value;
+ return iv;
+ }
/**
* @param value
@@ -458,14 +471,9 @@ public class InternalValue extends Abstr
return (NodeId) val;
}
- public Calendar getDate() {
+ public Calendar getDate() throws RepositoryException {
assert val != null && type == PropertyType.DATE;
- try {
- return getCalendar();
- } catch (RepositoryException ignore) {
- assert false;
- return null;
- }
+ return getCalendar();
}
/**
@@ -533,10 +541,10 @@ public class InternalValue extends Abstr
}
//-------------------------------------------------------< implementation >
- private InternalValue(String value) {
- super(value, PropertyType.STRING);
+ private InternalValue(String value, int type) {
+ super(value, type);
}
-
+
private InternalValue(Name value) {
super(value);
}
@@ -731,8 +739,13 @@ public class InternalValue extends Abstr
if (object instanceof InternalValue) {
InternalValue that = (InternalValue) object;
if (type == PropertyType.DATE) {
- return that.type == PropertyType.DATE
- && getDate().getTimeInMillis() == that.getDate().getTimeInMillis();
+ try {
+ return that.type == PropertyType.DATE
+ && getDate().getTimeInMillis() == that.getDate()
+ .getTimeInMillis();
+ } catch (RepositoryException e) {
+ return false;
+ }
} else {
return type == that.type && val.equals(that.val);
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/InternalBaselineImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/InternalBaselineImpl.java?rev=1176423&r1=1176422&r2=1176423&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/InternalBaselineImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/InternalBaselineImpl.java Tue Sep 27 15:06:11 2011
@@ -41,7 +41,7 @@ class InternalBaselineImpl extends Inter
* @param node node state of this version
* @param name name of this version
*/
- InternalBaselineImpl(InternalVersionHistoryImpl vh, NodeStateEx node, Name name) {
+ InternalBaselineImpl(InternalVersionHistoryImpl vh, NodeStateEx node, Name name) throws RepositoryException {
super(vh, node, name);
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/InternalVersionImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/InternalVersionImpl.java?rev=1176423&r1=1176422&r2=1176423&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/InternalVersionImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/InternalVersionImpl.java Tue Sep 27 15:06:11 2011
@@ -77,7 +77,7 @@ class InternalVersionImpl extends Intern
* @param node node state of this version
* @param name name of this version
*/
- public InternalVersionImpl(InternalVersionHistoryImpl vh, NodeStateEx node, Name name) {
+ public InternalVersionImpl(InternalVersionHistoryImpl vh, NodeStateEx node, Name name) throws RepositoryException{
super(vh.getVersionManager(), node);
this.versionHistory = vh;
this.name = name;
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/persistence/util/BundleBindingTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/persistence/util/BundleBindingTest.java?rev=1176423&r1=1176422&r2=1176423&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/persistence/util/BundleBindingTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/persistence/util/BundleBindingTest.java Tue Sep 27 15:06:11 2011
@@ -24,6 +24,7 @@ import java.util.Arrays;
import java.util.Calendar;
import java.util.Collections;
import java.util.HashSet;
+import java.util.Iterator;
import javax.jcr.PropertyType;
@@ -80,6 +81,9 @@ public class BundleBindingTest extends T
throw new IllegalArgumentException(string);
}
public String indexToString(int idx) {
+ if(idx> strings.length){
+ return "";
+ }
return strings[idx];
}
};
@@ -368,6 +372,77 @@ public class BundleBindingTest extends T
assertDateSerialization("-9876-10-10T10:10:10.100Z");
}
+ /**
+ * Tests serialization of forbidden date values.
+ */
+ public void testForbiddenDateSerialization() throws Exception {
+
+ try {
+ // date from really far ahead
+ assertDateSerialization("20112022-11-11T19:00:00.000+01:00");
+ fail("should not be able to serialize future dates");
+ } catch (IllegalArgumentException e) {
+ // expected error
+ }
+ }
+
+ /**
+ * creates a future date that is illegal in v3 using v2, and checks that the
+ * error is being hadled gracefully
+ *
+ * JCR-3083 Degrade gracefully when reading invalid date values
+ */
+ public void testCorruptedBundle() throws Exception {
+
+ // Bundle as described by the BundleDumper:
+ // version: 1
+ // nodeTypeName: #13:#49
+ // parentUUID: f22c788c-ab98-47cf-95ab-6c495239807a
+ // definitionId: 1705077083
+ // mixins: -
+ // property: #1:#509
+ // modcount: 1
+ // type: Date
+ // definitionId: 806470580
+ // value: string: 20112022-11-11T19:00:00.000+01:00
+ // referenceable: false
+ // childId: 08026c9f-a88a-471b-bcc3-fca2bd82000b #1:linked_products
+ // modCount: 3
+ //
+ // corrupted value: Date -> 20112022-11-11T19:00:00.000+01:00
+
+ byte[] corrupted = new byte[] { 1, 0, 0, 13, 0, 0, 0, 49, 1, -14, 44,
+ 120, -116, -85, -104, 71, -49, -107, -85, 108, 73, 82, 57,
+ -128, 122, 0, 10, 49, 55, 48, 53, 48, 55, 55, 48, 56, 51, -1,
+ -1, -1, -1, 0,
+ 0, 0, 1, 0, 0, 1, -3, 0, 1, 0, 5, 0, 0, 9, 56, 48, 54, 52, 55,
+ 48, 53, 56, 48, 0, 0, 0, 1, 0, 0, 0, 33, 50, 48, 49, 49, 50,
+ 48, 50, 50, 45, 49, 49, 45, 49, 49, 84, 49, 57, 58, 48, 48, 58,
+ 48, 48, 46, 48, 48, 48, 43, 48, 49, 58, 48, 48, -1, -1, -1, -1,
+ 0, 1, 8, 2, 108, -97, -88, -118, 71, 27, -68, -61, -4, -94,
+ -67, -126, 0, 11, 0, 0, 0, 1, 0, 15, 108, 105, 110, 107, 101,
+ 100, 95, 112, 114, 111, 100, 117, 99, 116, 115, 0, 3, 0, 0, 0,
+ 0, 70, -53, 75, -124 };
+
+ NodePropBundle result = binding.readBundle(new ByteArrayInputStream(
+ corrupted), NodeId.randomId());
+
+ Iterator<PropertyEntry> iterator = result.getPropertyEntries()
+ .iterator();
+ PropertyEntry pe = iterator.next();
+ InternalValue iv = pe.getValues()[0];
+ assertEquals(PropertyType.DATE, pe.getType());
+ assertEquals(PropertyType.DATE, iv.getType());
+ assertEquals("20112022-11-11T19:00:00.000+01:00", iv.getString());
+
+ try {
+ iv.getDate();
+ fail("should not be able to read the property as a DATE");
+ } catch (Exception e) {
+ // expected
+ }
+ }
+
private void assertDateSerialization(String date) throws Exception {
assertValueSerialization(
InternalValue.valueOf(date, PropertyType.DATE));
Modified: jackrabbit/trunk/jackrabbit-spi-commons/src/main/java/org/apache/jackrabbit/spi/commons/value/AbstractQValue.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-spi-commons/src/main/java/org/apache/jackrabbit/spi/commons/value/AbstractQValue.java?rev=1176423&r1=1176422&r2=1176423&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-spi-commons/src/main/java/org/apache/jackrabbit/spi/commons/value/AbstractQValue.java (original)
+++ jackrabbit/trunk/jackrabbit-spi-commons/src/main/java/org/apache/jackrabbit/spi/commons/value/AbstractQValue.java Tue Sep 27 15:06:11 2011
@@ -204,9 +204,7 @@ public abstract class AbstractQValue imp
* @see QValue#getCalendar()
*/
public Calendar getCalendar() throws RepositoryException {
- if (type == PropertyType.DATE) {
- return ISO8601.parse(getString());
- } else if (type == PropertyType.DOUBLE) {
+ if (type == PropertyType.DOUBLE) {
Calendar cal = Calendar.getInstance(TimeZone.getTimeZone("GMT+00:00"));
cal.setTimeInMillis(((Double) val).longValue());
return cal;