Apache
/
activemq
mirror of https://github.com/apache/activemq.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

AMQ-7209 suppress stack trace in stomp error frame for SecurityExceptions to avoid any implementation detail leakage, fix and test

This commit is contained in:
gtully 2019-05-17 17:06:20 +01:00
parent ac4f4a82a7
commit 4129c1f659
2 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
activemq-stomp/src/main/java/org/apache/activemq/transport/stomp/ProtocolConverter.java
View File

@ -297,7 +297,11 @@ public class ProtocolConverter {
// Let the stomp client know about any protocol errors.
ByteArrayOutputStream baos = new ByteArrayOutputStream();
PrintWriter stream = new PrintWriter(new OutputStreamWriter(baos, "UTF-8"));
exception.printStackTrace(stream);
if (exception instanceof SecurityException || exception.getCause() instanceof SecurityException) {
stream.write(exception.getLocalizedMessage());
} else {
exception.printStackTrace(stream);
}
stream.close();
HashMap<String, String> headers = new HashMap<>();

5
activemq-stomp/src/test/java/org/apache/activemq/transport/stomp/StompTest.java
View File

@ -901,6 +901,7 @@ public class StompTest extends StompTestSupport {
try {
String f = stompConnection.receiveFrame();
assertTrue(f.startsWith("ERROR"));
assertFalse("no stack trace impl leak:" + f, f.contains("at "));
} catch (IOException socketMayBeClosedFirstByBroker) {}
}
@ -913,6 +914,7 @@ public class StompTest extends StompTestSupport {
try {
String f = stompConnection.receiveFrame();
assertTrue(f.startsWith("ERROR"));
assertFalse("no stack trace impl leak:" + f, f.contains("at "));
} catch (IOException socketMayBeClosedFirstByBroker) {}
}
@ -930,6 +932,7 @@ public class StompTest extends StompTestSupport {
stompConnection.sendFrame(frame);
String f = stompConnection.receiveFrame();
assertTrue(f.startsWith("ERROR"));
assertFalse("no stack trace impl leak:" + f, f.contains("at "));
}
@Test(timeout = 60000)
@ -946,6 +949,7 @@ public class StompTest extends StompTestSupport {
stompConnection.sendFrame(frame);
frame = stompConnection.receiveFrame();
assertTrue(frame.startsWith("ERROR"));
assertFalse("no stack trace impl leak:" + frame, frame.contains("at "));
}
@Test(timeout = 60000)
@ -964,6 +968,7 @@ public class StompTest extends StompTestSupport {
frame = stompConnection.receiveFrame();
assertTrue(frame.startsWith("ERROR"));
assertTrue("Error Frame did not contain receipt-id", frame.indexOf(Stomp.Headers.Response.RECEIPT_ID) >= 0);
assertFalse("no stack trace impl leak:" + frame, frame.contains("at "));
}
@Test(timeout = 60000)