Repository: activemq-artemis Updated Branches: refs/heads/master 6407580b6 -> ec9779786
ARTEMIS-1482 Catch malformed SimpleString Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/76b1f9cf Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/76b1f9cf Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/76b1f9cf Branch: refs/heads/master Commit: 76b1f9cf8faa4797122ac71273b507bf146e1c06 Parents: 6407580 Author: Martyn Taylor <mtay...@redhat.com> Authored: Wed Oct 25 14:12:44 2017 +0100 Committer: Justin Bertram <jbert...@apache.org> Committed: Wed Oct 25 10:22:01 2017 -0500 ---------------------------------------------------------------------- .../activemq/artemis/api/core/SimpleString.java | 3 ++ .../artemis/utils/SimpleStringTest.java | 41 ++++++++++++++++++++ 2 files changed, 44 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/76b1f9cf/artemis-commons/src/main/java/org/apache/activemq/artemis/api/core/SimpleString.java ---------------------------------------------------------------------- diff --git a/artemis-commons/src/main/java/org/apache/activemq/artemis/api/core/SimpleString.java b/artemis-commons/src/main/java/org/apache/activemq/artemis/api/core/SimpleString.java index e8530e6..79909c7 100644 --- a/artemis-commons/src/main/java/org/apache/activemq/artemis/api/core/SimpleString.java +++ b/artemis-commons/src/main/java/org/apache/activemq/artemis/api/core/SimpleString.java @@ -146,6 +146,9 @@ public final class SimpleString implements CharSequence, Serializable, Comparabl public static SimpleString readSimpleString(ByteBuf buffer) { int len = buffer.readInt(); + if (len > buffer.readableBytes()) { + throw new IndexOutOfBoundsException(); + } byte[] data = new byte[len]; buffer.readBytes(data); return new SimpleString(data); http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/76b1f9cf/artemis-commons/src/test/java/org/apache/activemq/artemis/utils/SimpleStringTest.java ---------------------------------------------------------------------- diff --git a/artemis-commons/src/test/java/org/apache/activemq/artemis/utils/SimpleStringTest.java b/artemis-commons/src/test/java/org/apache/activemq/artemis/utils/SimpleStringTest.java new file mode 100644 index 0000000..0498cab --- /dev/null +++ b/artemis-commons/src/test/java/org/apache/activemq/artemis/utils/SimpleStringTest.java @@ -0,0 +1,41 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.activemq.artemis.utils; + +import io.netty.buffer.ByteBuf; +import io.netty.buffer.ByteBufAllocator; +import org.apache.activemq.artemis.api.core.SimpleString; +import org.junit.Test; + +import static org.junit.Assert.assertTrue; + +public class SimpleStringTest { + + @Test + public void testOutOfBoundsThrownOnMalformedString() { + ByteBuf byteBuffer = ByteBufAllocator.DEFAULT.buffer(5); + byteBuffer.writeInt(100); + + Exception e = null; + try { + SimpleString.readSimpleString(byteBuffer); + } catch (IndexOutOfBoundsException iob) { + e = iob; + } + assertTrue(e instanceof IndexOutOfBoundsException); + } +}
