Posted to commits@zookeeper.apache.org by mi...@apache.org on 2015/03/25 08:40:11 UTC
svn commit: r1669061 - in /zookeeper/branches/branch-3.5: CHANGES.txt
src/java/main/org/apache/jute/BinaryInputArchive.java
src/java/test/org/apache/jute/
src/java/test/org/apache/jute/BinaryInputArchiveTest.java
Author: michim
Date: Wed Mar 25 07:40:10 2015
New Revision: 1669061
URL: http://svn.apache.org/r1669061
Log:
ZOOKEEPER-2146 BinaryInputArchive readString should check length before allocating memory (Hongchao Deng via michim)
Added:
zookeeper/branches/branch-3.5/src/java/test/org/apache/jute/
zookeeper/branches/branch-3.5/src/java/test/org/apache/jute/BinaryInputArchiveTest.java
Modified:
zookeeper/branches/branch-3.5/CHANGES.txt
zookeeper/branches/branch-3.5/src/java/main/org/apache/jute/BinaryInputArchive.java
Modified: zookeeper/branches/branch-3.5/CHANGES.txt
URL: http://svn.apache.org/viewvc/zookeeper/branches/branch-3.5/CHANGES.txt?rev=1669061&r1=1669060&r2=1669061&view=diff
==============================================================================
--- zookeeper/branches/branch-3.5/CHANGES.txt (original)
+++ zookeeper/branches/branch-3.5/CHANGES.txt Wed Mar 25 07:40:10 2015
@@ -54,6 +54,9 @@ BUGFIXES:
ZOOKEEPER-2109 Typo in src/c/src/load_gen.c (surendra singh lilhore via rakeshr)
+ ZOOKEEPER-2146 BinaryInputArchive readString should check length before
+ allocating memory (Hongchao Deng via michim)
+
IMPROVEMENTS:
ZOOKEEPER-1660 Documentation for Dynamic Reconfiguration (Reed Wanderman-Milne via shralex)
Modified: zookeeper/branches/branch-3.5/src/java/main/org/apache/jute/BinaryInputArchive.java
URL: http://svn.apache.org/viewvc/zookeeper/branches/branch-3.5/src/java/main/org/apache/jute/BinaryInputArchive.java?rev=1669061&r1=1669060&r2=1669061&view=diff
==============================================================================
--- zookeeper/branches/branch-3.5/src/java/main/org/apache/jute/BinaryInputArchive.java (original)
+++ zookeeper/branches/branch-3.5/src/java/main/org/apache/jute/BinaryInputArchive.java Wed Mar 25 07:40:10 2015
@@ -27,7 +27,7 @@ import java.io.InputStream;
*
*/
public class BinaryInputArchive implements InputArchive {
-
+ static public final String UNREASONBLE_LENGTH= "Unreasonable length = ";
private DataInput in;
static public BinaryInputArchive getArchive(InputStream strm) {
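Review bot: The new constant `UNREASONBLE_LENGTH` is misspelled (missing the second "A") and is declared `public`, so the typo becomes part of the class's public surface once released. The only visible user is the new test, which lives in the same `org.apache.jute` package, so package-private visibility would be enough. Suggested declaration: `static final String UNREASONABLE_LENGTH = "Unreasonable length = ";`, with the references in `checkLength` and the test updated to match. The class body continues outside this hunk.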
@@ -78,6 +78,7 @@ public class BinaryInputArchive implemen
public String readString(String tag) throws IOException {
int len = in.readInt();
if (len == -1) return null;
+ checkLength(len);
byte b[] = new byte[len];
in.readFully(b);
return new String(b, "UTF8");
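Review bot: The `checkLength(len)` call in `readString` is the only thing standing between a length prefix read from the stream and `new byte[len]`, and nothing at the call site says so. A short comment would keep a later refactor from moving the allocation above the check, for example `// len is read from the stream: bound it before allocating (-1 encodes null)`. It is also worth recording in the method's documentation that any other negative or over-limit length now surfaces as an `IOException`. The method's closing brace is outside this hunk.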
@@ -88,12 +89,7 @@ public class BinaryInputArchive implemen
public byte[] readBuffer(String tag) throws IOException {
int len = readInt(tag);
if (len == -1) return null;
- // Since this is a rough sanity check, add some padding to maxBuffer to
- // make up for extra fields, etc. (otherwise e.g. clients may be able to
- // write buffers larger than we can read from disk!)
- if (len < 0 || len > maxBuffer + 1024) {
- throw new IOException("Unreasonable length = " + len);
- }
+ checkLength(len);
byte[] arr = new byte[len];
in.readFully(arr);
return arr;
@@ -122,5 +118,13 @@ public class BinaryInputArchive implemen
}
public void endMap(String tag) throws IOException {}
-
+
+ // Since this is a rough sanity check, add some padding to maxBuffer to
+ // make up for extra fields, etc. (otherwise e.g. clients may be able to
+ // write buffers larger than we can read from disk!)
+ private void checkLength(int len) throws IOException {
+ if (len < 0 || len > maxBuffer + 1024) {
+ throw new IOException(UNREASONBLE_LENGTH + len);
+ }
+ }
}
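Review bot: In `checkLength`, the bound `maxBuffer + 1024` is computed in `int` arithmetic if `maxBuffer` is an `int` (its declaration is outside this hunk, so this is an assumption). With `maxBuffer` configured within 1024 of `Integer.MAX_VALUE` the sum wraps negative and every non-negative length is rejected, which fails closed but breaks all reads. Widening the comparison avoids that: `if (len < 0 || len > (long) maxBuffer + 1024) {`. The comment above the method would also read better as Javadoc stating that callers must invoke it before allocating and that it throws `IOException` for negative or over-limit lengths.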
Added: zookeeper/branches/branch-3.5/src/java/test/org/apache/jute/BinaryInputArchiveTest.java
URL: http://svn.apache.org/viewvc/zookeeper/branches/branch-3.5/src/java/test/org/apache/jute/BinaryInputArchiveTest.java?rev=1669061&view=auto
==============================================================================
--- zookeeper/branches/branch-3.5/src/java/test/org/apache/jute/BinaryInputArchiveTest.java (added)
+++ zookeeper/branches/branch-3.5/src/java/test/org/apache/jute/BinaryInputArchiveTest.java Wed Mar 25 07:40:10 2015
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * <p/>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p/>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jute;
+
+import junit.framework.Assert;
+import org.junit.Test;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+
+
+public class BinaryInputArchiveTest {
+
+ @Test
+ public void testReadStringCheckLength() {
+ byte[] buf = new byte[]{
+ Byte.MAX_VALUE, Byte.MAX_VALUE, Byte.MAX_VALUE, Byte.MAX_VALUE};
+ ByteArrayInputStream is = new ByteArrayInputStream(buf);
+ BinaryInputArchive ia = BinaryInputArchive.getArchive(is);
+ try {
+ ia.readString("");
+ Assert.fail("Should have thrown an IOException");
+ } catch (IOException e) {
+ Assert.assertTrue("Not 'Unreasonable length' exception: " + e,
+ e.getMessage().startsWith(BinaryInputArchive.UNREASONBLE_LENGTH));
+ }
+ }
+}
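Review bot: `testReadStringCheckLength` exercises only an oversized positive length (four `Byte.MAX_VALUE` bytes), so the `len < 0` branch that `readString` now reaches through `checkLength` is untested. A negative prefix other than -1 is the case where the previous code went straight to `new byte[len]` instead of raising an `IOException`, so it is worth pinning. A second test with a constructed negative prefix is sketched below. `readBuffer` goes through the same helper and could get the same pair of cases.

```java
// … unchanged: testReadStringCheckLength …

    @Test
    public void testReadStringRejectsNegativeLength() {
        // Constructed sample: big-endian encoding of -2.
        byte[] buf = new byte[]{
                (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xfe};
        ByteArrayInputStream is = new ByteArrayInputStream(buf);
        BinaryInputArchive ia = BinaryInputArchive.getArchive(is);
        try {
            ia.readString("");
            Assert.fail("Should have thrown an IOException");
        } catch (IOException e) {
            Assert.assertTrue("Not 'Unreasonable length' exception: " + e,
                    e.getMessage().startsWith(BinaryInputArchive.UNREASONBLE_LENGTH));
        }
    }
```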