You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by lg...@apache.org on 2016/02/02 13:33:37 UTC
mina-sshd git commit: [SSHD-634] Suspicious read buffer re-use in
write command
Repository: mina-sshd
Updated Branches:
refs/heads/master 7d9c1e57e -> 11397d72c
[SSHD-634] Suspicious read buffer re-use in write command
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/11397d72
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/11397d72
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/11397d72
Branch: refs/heads/master
Commit: 11397d72c651f599ed6c3a0783b0e98c5c254dde
Parents: 7d9c1e5
Author: Lyor Goldstein <lg...@vmware.com>
Authored: Tue Feb 2 14:33:25 2016 +0200
Committer: Lyor Goldstein <lg...@vmware.com>
Committed: Tue Feb 2 14:33:25 2016 +0200
----------------------------------------------------------------------
.../apache/sshd/common/session/AbstractSession.java | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/11397d72/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java b/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
index cbbf96c..5aa6d31 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
@@ -413,11 +413,9 @@ public abstract class AbstractSession extends AbstractKexFactoryManager implemen
* Abstract method for processing incoming decoded packets.
* The given buffer will hold the decoded packet, starting from
* the command byte at the read position.
- * Packets must be processed within this call or be copied because
- * the given buffer is meant to be changed and updated when this
- * method returns.
*
- * @param buffer the buffer containing the packet
+ * @param buffer The {@link Buffer} containing the packet - it may be
+ * re-used to generate the response once request has been decoded
* @throws Exception if an exception occurs while handling this packet.
* @see #doHandleMessage(Buffer)
*/
@@ -1207,7 +1205,7 @@ public abstract class AbstractSession extends AbstractKexFactoryManager implemen
seqi = (seqi + 1) & 0xffffffffL;
// Get padding
int pad = decoderBuffer.getUByte();
- Buffer buf;
+ Buffer packet;
int wpos = decoderBuffer.wpos();
// Decompress if needed
if ((inCompression != null) && inCompression.isCompressionExecuted() && (authed || (!inCompression.isDelayed()))) {
@@ -1219,16 +1217,18 @@ public abstract class AbstractSession extends AbstractKexFactoryManager implemen
decoderBuffer.wpos(decoderBuffer.rpos() + decoderLength - 1 - pad);
inCompression.uncompress(decoderBuffer, uncompressBuffer);
- buf = uncompressBuffer;
+ packet = uncompressBuffer;
} else {
decoderBuffer.wpos(decoderLength + 4 - pad);
- buf = decoderBuffer;
+ packet = decoderBuffer;
}
if (log.isTraceEnabled()) {
- log.trace("decode({}) Received packet #{}: {}", this, seqi, buf.printHex());
+ log.trace("decode({}) Received packet #{}: {}", this, seqi, packet.printHex());
}
+ // create a copy of the packet in case it is re-used for the response
+ Buffer buf = ByteArrayBuffer.getCompactClone(packet.array(), packet.rpos(), packet.available());
// Update stats
inPacketsCount.incrementAndGet();
inBytesCount.addAndGet(buf.available());