*/
public String readString() throws TException {
int length = readVarint32();
+ checkReadLength(length);
if (length == 0) {
return "";
}
- if (maxNetworkBytes_ != -1 && length > maxNetworkBytes_) {
- throw new TException("Read size greater than max allowed.");
- }
-
try {
if (trans_.getBytesRemainingInBuffer() >= length) {
String str = new String(trans_.getBuffer(), trans_.getBufferPosition(), length, "UTF-8");
*/
public ByteBuffer readBinary() throws TException {
int length = readVarint32();
+ checkReadLength(length);
if (length == 0) return ByteBuffer.wrap(new byte[0]);
- if (maxNetworkBytes_ != -1 && length > maxNetworkBytes_) {
- throw new TException("Read size greater than max allowed.");
- }
-
byte[] buf = new byte[length];
trans_.readAll(buf, 0, length);
return ByteBuffer.wrap(buf);
return buf;
}
+ private void checkReadLength(int length) throws TProtocolException {
+ if (length < 0) {
+ throw new TProtocolException("Negative length: " + length);
+ }
+ if (maxNetworkBytes_ != -1 && length > maxNetworkBytes_) {
+ throw new TProtocolException("Length exceeded max allowed: " + length);
+ }
+ }
+
//
// These methods are here for the struct to call, but don't have any wire
// encoding.
package org.apache.thrift.protocol;
+import org.apache.thrift.TDeserializer;
+import org.apache.thrift.TException;
+
+import thrift.test.Bonk;
+
public class TestTBinaryProtocol extends ProtocolTestBase {
@Override
protected TProtocolFactory getFactory() {
protected boolean canBeUsedNaked() {
return true;
}
+
+ public void testOOMDenialOfService() throws Exception {
+ TDeserializer deser = new TDeserializer(new TBinaryProtocol
+ .Factory(false, false, 1000));
+ Bonk bonk = new Bonk();
+ try {
+ // Invalid read length specified here. Would cause an OOM
+ // without the limit on the read length
+ deser.deserialize(bonk, new byte[]{11, 0, 1, 127, -1, -1, -1});
+ } catch (TException e) {
+ // Ignore as we are only checking for OOM in the failure case
+ }
+ }
}
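Review bot: testOOMDenialOfService passes whether or not the new length limit fires, because the `catch (TException e)` block swallows the exception and nothing is asserted after `deser.deserialize(bonk, ...)`; a regression that dropped the limit would only show up as an OOM on a sufficiently large allocation, not as a red test. If ProtocolTestBase is a JUnit TestCase, adding `fail("expected TProtocolException for oversized read length");` as the line after the deserialize call and narrowing the catch to `catch (TProtocolException expected)` would pin the rejection that checkReadLength now provides, since the limit path throws TProtocolException rather than a generic TException. The same pattern appears in TestTCompactProtocol.testOOMDenialOfService and should be tightened the same way. A short comment on the factory line such as `// 1000-byte read limit; the payload below declares a far larger length` would also make the fixture self-explanatory.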
package org.apache.thrift.protocol;
+import org.apache.thrift.TDeserializer;
+import org.apache.thrift.TException;
+
+import thrift.test.Bonk;
public class TestTCompactProtocol extends ProtocolTestBase {
@Override
return true;
}
+ public void testOOMDenialOfService() throws Exception {
+ // Struct header, Integer.MAX_VALUE length, and only one real
+ // byte of data
+ byte [] bytes = {24, -1, -1, -1, -17, 49};
+ TDeserializer deser = new TDeserializer(new TCompactProtocol
+ .Factory(1000));
+ Bonk bonk = new Bonk();
+ try {
+ deser.deserialize(bonk, bytes);
+ } catch (TException e) {
+ // Ignore as we are only checking for OOM in the failure case
+ }
+ }
+
public static void main(String args[]) throws Exception {
new TestTCompactProtocol().benchmark();
}