This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/karaf-decanter.git
The following commit(s) were added to refs/heads/master by this push:
new 2b94e6f KARAF-6837 - Use BoundedInputStream to put a limit on how
many bytes are read from the InputStream for the rest-servlet + socket
collectors
new 320fdf9 Merge pull request #192 from coheigea/KARAF-6837
2b94e6f is described below
commit 2b94e6f25fad33aea5ceddd44181e5b2d8384dc3
Author: Colm O hEigeartaigh <cohei...@apache.org>
AuthorDate: Wed Sep 2 12:44:35 2020 +0100
KARAF-6837 - Use BoundedInputStream to put a limit on how many bytes are
read from the InputStream for the rest-servlet + socket collectors
---
assembly/src/main/feature/feature.xml | 2 ++
collector/file/pom.xml | 3 +--
collector/rest-servlet/pom.xml | 6 +++++-
.../org.apache.karaf.decanter.collector.rest.servlet.cfg | 3 +++
.../collector/rest/servlet/RestServletCollector.java | 8 +++++++-
collector/socket/pom.xml | 6 +++++-
.../cfg/org.apache.karaf.decanter.collector.socket.cfg | 3 +++
.../karaf/decanter/collector/socket/SocketCollector.java | 15 ++++++++++++---
pom.xml | 5 +++++
9 files changed, 43 insertions(+), 8 deletions(-)
diff --git a/assembly/src/main/feature/feature.xml
b/assembly/src/main/feature/feature.xml
index 75fb633..6484d78 100644
--- a/assembly/src/main/feature/feature.xml
+++ b/assembly/src/main/feature/feature.xml
@@ -169,12 +169,14 @@
org.apache.felix.eventadmin.IgnoreTimeout=org.apache.karaf.decanter.
<feature>decanter-common</feature>
<feature>http-whiteboard</feature>
<configfile
finalname="/etc/org.apache.karaf.decanter.collector.rest.servlet.cfg">mvn:org.apache.karaf.decanter.collector/org.apache.karaf.decanter.collector.rest.servlet/${project.version}/cfg</configfile>
+ <bundle dependency="true">mvn:commons-io/commons-io/2.7</bundle>
<bundle>mvn:org.apache.karaf.decanter.collector/org.apache.karaf.decanter.collector.rest.servlet/${project.version}</bundle>
</feature>
<feature name="decanter-collector-socket" version="${project.version}"
description="Karaf Decanter Network Socket Collector">
<feature>decanter-common</feature>
<configfile
finalname="/etc/org.apache.karaf.decanter.collector.socket.cfg">mvn:org.apache.karaf.decanter.collector/org.apache.karaf.decanter.collector.socket/${project.version}/cfg</configfile>
+ <bundle dependency="true">mvn:commons-io/commons-io/2.7</bundle>
<bundle>mvn:org.apache.karaf.decanter.collector/org.apache.karaf.decanter.collector.socket/${project.version}</bundle>
</feature>
diff --git a/collector/file/pom.xml b/collector/file/pom.xml
index 77e083b..cf75e1e 100644
--- a/collector/file/pom.xml
+++ b/collector/file/pom.xml
@@ -37,7 +37,6 @@
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
- <version>2.7</version>
</dependency>
<dependency>
<groupId>org.apache.karaf.decanter.collector</groupId>
@@ -75,4 +74,4 @@
</plugins>
</build>
-</project>
\ No newline at end of file
+</project>
diff --git a/collector/rest-servlet/pom.xml b/collector/rest-servlet/pom.xml
index e78b296..3da8742 100644
--- a/collector/rest-servlet/pom.xml
+++ b/collector/rest-servlet/pom.xml
@@ -34,6 +34,10 @@
<dependencies>
<dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.apache.karaf.decanter</groupId>
<artifactId>org.apache.karaf.decanter.api</artifactId>
</dependency>
@@ -93,4 +97,4 @@
</plugin>
</plugins>
</build>
-</project>
\ No newline at end of file
+</project>
diff --git
a/collector/rest-servlet/src/main/cfg/org.apache.karaf.decanter.collector.rest.servlet.cfg
b/collector/rest-servlet/src/main/cfg/org.apache.karaf.decanter.collector.rest.servlet.cfg
index 5fc8cfc..62c16e7 100644
---
a/collector/rest-servlet/src/main/cfg/org.apache.karaf.decanter.collector.rest.servlet.cfg
+++
b/collector/rest-servlet/src/main/cfg/org.apache.karaf.decanter.collector.rest.servlet.cfg
@@ -23,3 +23,6 @@
# Unmarshaller to use
unmarshaller.target=(dataFormat=json)
+
+# The maximum request size (in bytes). Set to -1 not to put any limit on the
request size.
+max.request.size=100000
diff --git
a/collector/rest-servlet/src/main/java/org/apache/karaf/decanter/collector/rest/servlet/RestServletCollector.java
b/collector/rest-servlet/src/main/java/org/apache/karaf/decanter/collector/rest/servlet/RestServletCollector.java
index ea7d806..d27d3c2 100644
---
a/collector/rest-servlet/src/main/java/org/apache/karaf/decanter/collector/rest/servlet/RestServletCollector.java
+++
b/collector/rest-servlet/src/main/java/org/apache/karaf/decanter/collector/rest/servlet/RestServletCollector.java
@@ -30,6 +30,7 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.io.input.BoundedInputStream;
import org.apache.karaf.decanter.api.marshaller.Unmarshaller;
import org.apache.karaf.decanter.collector.utils.PropertiesPreparator;
import org.osgi.service.component.ComponentContext;
@@ -62,6 +63,7 @@ public class RestServletCollector extends HttpServlet {
private String baseTopic;
private Dictionary<String, Object> properties;
+ private long maxRequestSize = 100000;
@SuppressWarnings("unchecked")
@Activate
@@ -69,6 +71,9 @@ public class RestServletCollector extends HttpServlet {
Dictionary<String, Object> props = context.getProperties();
this.baseTopic = getProperty(props, "topic",
"decanter/collect/rest-servlet");
this.properties = props;
+ if (this.properties.get("max.request.size") != null) {
+ maxRequestSize =
Long.parseLong((String)this.properties.get("max.request.size"));
+ }
}
private String getProperty(Dictionary<String, Object> properties, String
key, String defaultValue) {
@@ -81,7 +86,8 @@ public class RestServletCollector extends HttpServlet {
LOGGER.debug("Karaf Decanter REST Servlet Collector request received
from {}", req.getRequestURI());
try {
StringBuilder builder = new StringBuilder();
- try (BufferedReader reader = new BufferedReader(new
InputStreamReader(req.getInputStream()))) {
+ try (BoundedInputStream boundedInputStream = new
BoundedInputStream(req.getInputStream(), maxRequestSize);
+ BufferedReader reader = new BufferedReader(new
InputStreamReader(boundedInputStream))) {
String line;
while ((line = reader.readLine()) != null) {
builder.append(line);
diff --git a/collector/socket/pom.xml b/collector/socket/pom.xml
index edfe9fc..2555ae2 100644
--- a/collector/socket/pom.xml
+++ b/collector/socket/pom.xml
@@ -35,6 +35,10 @@
<dependencies>
<dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.apache.karaf.decanter</groupId>
<artifactId>org.apache.karaf.decanter.api</artifactId>
</dependency>
@@ -106,4 +110,4 @@
</plugin>
</plugins>
</build>
-</project>
\ No newline at end of file
+</project>
diff --git
a/collector/socket/src/main/cfg/org.apache.karaf.decanter.collector.socket.cfg
b/collector/socket/src/main/cfg/org.apache.karaf.decanter.collector.socket.cfg
index 5247b5f..fdc3f12 100644
---
a/collector/socket/src/main/cfg/org.apache.karaf.decanter.collector.socket.cfg
+++
b/collector/socket/src/main/cfg/org.apache.karaf.decanter.collector.socket.cfg
@@ -31,3 +31,6 @@
# Unmarshaller to use
# Unmarshaller is identified by data format. The default is json, but you can
use another unmarshaller
unmarshaller.target=(dataFormat=json)
+
+# The maximum request size (in bytes). Set to -1 not to put any limit on the
request size.
+max.request.size=100000
diff --git
a/collector/socket/src/main/java/org/apache/karaf/decanter/collector/socket/SocketCollector.java
b/collector/socket/src/main/java/org/apache/karaf/decanter/collector/socket/SocketCollector.java
index 0ff1c27..163d49e 100644
---
a/collector/socket/src/main/java/org/apache/karaf/decanter/collector/socket/SocketCollector.java
+++
b/collector/socket/src/main/java/org/apache/karaf/decanter/collector/socket/SocketCollector.java
@@ -28,6 +28,7 @@ import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
+import org.apache.commons.io.input.BoundedInputStream;
import org.apache.karaf.decanter.api.marshaller.Unmarshaller;
import org.apache.karaf.decanter.collector.utils.PropertiesPreparator;
import org.osgi.service.component.ComponentContext;
@@ -60,6 +61,7 @@ public class SocketCollector implements Closeable, Runnable {
private ExecutorService executor;
private Dictionary<String, Object> properties;
private String eventAdminTopic;
+ private long maxRequestSize = 100000;
@Reference
public Unmarshaller unmarshaller;
@@ -96,6 +98,10 @@ public class SocketCollector implements Closeable, Runnable {
break;
}
+ if (this.properties.get("max.request.size") != null) {
+ maxRequestSize =
Long.parseLong((String)this.properties.get("max.request.size"));
+ }
+
// adding 1 for serverSocket handling
this.executor = Executors.newFixedThreadPool(workers + 1);
this.executor.execute(this);
@@ -114,7 +120,7 @@ public class SocketCollector implements Closeable, Runnable
{
case TCP:
Socket socket = serverSocket.accept();
LOGGER.debug("Connected to TCP client at {}",
socket.getInetAddress());
- this.executor.execute(new SocketRunnable(socket));
+ this.executor.execute(new SocketRunnable(socket,
maxRequestSize));
break;
case UDP:
@@ -160,14 +166,17 @@ public class SocketCollector implements Closeable,
Runnable {
private class SocketRunnable implements Runnable {
private Socket clientSocket;
+ private final long maxRequestSize;
- public SocketRunnable(Socket clientSocket) {
+ public SocketRunnable(Socket clientSocket, long maxRequestSize) {
this.clientSocket = clientSocket;
+ this.maxRequestSize = maxRequestSize;
}
public void run() {
try {
- try (BufferedReader reader = new BufferedReader(new
InputStreamReader(clientSocket.getInputStream()))) {
+ try (BoundedInputStream boundedInputStream = new
BoundedInputStream(clientSocket.getInputStream(), maxRequestSize);
+ BufferedReader reader = new BufferedReader(new
InputStreamReader(boundedInputStream))) {
String line;
while ((line = reader.readLine()) != null) {
Map<String, Object> data = new HashMap<>();
diff --git a/pom.xml b/pom.xml
index 24d51e3..73b14ba 100644
--- a/pom.xml
+++ b/pom.xml
@@ -369,6 +369,11 @@
<artifactId>derby</artifactId>
<version>10.14.2.0</version>
</dependency>
+ <dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ <version>2.7</version>
+ </dependency>
</dependencies>
</dependencyManagement>
