Apache
/
activemq
mirror of https://github.com/apache/activemq.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

https://issues.apache.org/jira/browse/AMQ-498 - check max frame size before umarshalling commands 

git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1133956 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Bosanac Dejan 2011-06-09 16:01:16 +00:00
parent e5e99d72f3
commit 8a82119dd5
2 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
activemq-core/src/main/java/org/apache/activemq/openwire/OpenWireFormat.java
View File

@ -269,7 +269,10 @@ public final class OpenWireFormat implements WireFormat {
public Object unmarshal(DataInput dis) throws IOException {
DataInput dataIn = dis;
if (!sizePrefixDisabled) {
dis.readInt();
int size = dis.readInt();
if (size > maxFrameSize) {
throw new IOException("Frame size of " + (size / (1024 * 1024)) + " MB larger than max allowed " + (maxFrameSize / (1024 * 1024)) + " MB");
}
// int size = dis.readInt();
// byte[] data = new byte[size];
// dis.readFully(data);

27
activemq-core/src/test/java/org/apache/activemq/openwire/NumberRangesWhileMarshallingTest.java
View File

@ -23,6 +23,7 @@ import java.io.DataOutputStream;
import java.io.IOException;
import junit.framework.TestCase;
import org.apache.activemq.command.ActiveMQTextMessage;
import org.apache.activemq.command.SessionId;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -92,6 +93,32 @@ public class NumberRangesWhileMarshallingTest extends TestCase {
}
}
public void testMaxFrameSize() throws Exception {
OpenWireFormat wf = new OpenWireFormat();
wf.setMaxFrameSize(10);
ActiveMQTextMessage msg = new ActiveMQTextMessage();
msg.setText("This is a test");
writeObject(msg);
ds.writeInt(endOfStreamMarker);
// now lets read from the stream
ds.close();
ByteArrayInputStream in = new ByteArrayInputStream(buffer.toByteArray());
DataInputStream dis = new DataInputStream(in);
try {
wf.unmarshal(dis);
} catch (IOException ioe) {
return;
}
fail("Should fail because of the large frame size");
}
protected void setUp() throws Exception {
super.setUp();
openWireformat = createOpenWireFormat();