Apache
/
activemq
mirror of https://github.com/apache/activemq.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

https://issues.apache.org/jira/browse/AMQ-498 - prevent dos attack for nio transport by specifying large frame size 

git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1133003 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Bosanac Dejan 2011-06-07 13:26:04 +00:00
parent f6061bd4c6
commit d0b43c1a60
3 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOTransport.java
View File

@ -115,6 +115,9 @@ public class NIOTransport extends TcpTransport {
// for it.
inputBuffer.flip();
nextFrameSize = inputBuffer.getInt() + 4;
if (nextFrameSize > maxFrameSize) {
throw new IOException("Frame size of " + (nextFrameSize / (1024 * 1024)) + " MB larger than max allowed " + (maxFrameSize / (1024 * 1024)) + " MB");
}
if (nextFrameSize > inputBuffer.capacity()) {
currentBuffer = ByteBuffer.allocate(nextFrameSize);
currentBuffer.putInt(nextFrameSize);

12
activemq-core/src/main/java/org/apache/activemq/transport/tcp/TcpTransport.java
View File

@ -69,6 +69,10 @@ public class TcpTransport extends TransportThreadSupport implements Transport, S
protected DataOutputStream dataOut;
protected DataInputStream dataIn;
protected TimeStampStream buffOut = null;
protected int maxFrameSize = 104857600; //100MB
/**
* The Traffic Class to be set on the socket.
*/
@ -319,6 +323,14 @@ public class TcpTransport extends TransportThreadSupport implements Transport, S
return socketBufferSize;
}
public int getMaxFrameSize() {
return maxFrameSize;
}
public void setMaxFrameSize(int maxFrameSize) {
this.maxFrameSize = maxFrameSize;
}
/**
* Sets the buffer size to use on the socket
*/

6
activemq-core/src/test/resources/activemq.xml
View File

@ -26,13 +26,9 @@
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
<broker useJmx="false" xmlns="http://activemq.apache.org/schema/core" persistent="false">
<networkConnectors>
<networkConnector uri="multicast://default"/>
</networkConnectors>
<transportConnectors>
<transportConnector uri="tcp://localhost:0" discoveryUri="multicast://default"/>
<transportConnector uri="nio://localhost:61616?transport.maxFrameSize=10485760" />
</transportConnectors>
</broker>