Skip to content

Commit f5bcdac

Browse files
committed
added function for size limit of raw, array and map data to Unpacker interface
1 parent a1d09bd commit f5bcdac

File tree

4 files changed

+84
-6
lines changed

4 files changed

+84
-6
lines changed

src/main/java/org/msgpack/unpacker/AbstractUnpacker.java

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,13 @@
2828
public abstract class AbstractUnpacker implements Unpacker {
2929
protected MessagePack msgpack;
3030

31+
// TODO #MN and #SF about default values
32+
protected long rawSizeLimit = 65536;
33+
34+
protected int arraySizeLimit = 65536;
35+
36+
protected int mapSizeLimit = 65536;
37+
3138
protected AbstractUnpacker(MessagePack msgpack) {
3239
this.msgpack = msgpack;
3340
}
@@ -109,4 +116,22 @@ public long getReadByteCount() {
109116
public void resetReadByteCount() {
110117
throw new UnsupportedOperationException("Not implemented yet");
111118
}
119+
120+
public void setRawSizeLimit(long size) {
121+
if (size > 0 && size > 65536) {
122+
rawSizeLimit = size;
123+
}
124+
}
125+
126+
public void setArraySizeLimit(int size) {
127+
if (size > 0 && size > 65536) {
128+
arraySizeLimit = size;
129+
}
130+
}
131+
132+
public void setMapSizeLimit(int size) {
133+
if (size > 0 && size > 65536) {
134+
mapSizeLimit = size;
135+
}
136+
}
112137
}

src/main/java/org/msgpack/unpacker/MessagePackUnpacker.java

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -224,8 +224,10 @@ private boolean readOneWithoutStackLarge(Accept a, final int b) throws IOExcepti
224224
case 0xdb: // raw 32
225225
{
226226
int count = in.getInt();
227-
if (count < 0) {
228-
throw new IOException("Raw size too large"); // TODO error MessageSizeException
227+
if (count < 0 || count > rawSizeLimit) {
228+
String reason = String.format("Size of raw (%d) over limit at %d",
229+
new Object[] { count, rawSizeLimit });
230+
throw new SizeLimitException(reason);
229231
}
230232
if (count == 0) {
231233
a.acceptEmptyRaw();
@@ -255,8 +257,10 @@ private boolean readOneWithoutStackLarge(Accept a, final int b) throws IOExcepti
255257
case 0xdd: // array 32
256258
{
257259
int count = in.getInt();
258-
if (count < 0) {
259-
throw new IOException("Array size too large"); // TODO error MessageSizeException
260+
if (count < 0 || count > arraySizeLimit) {
261+
String reason = String.format("Size of array (%d) over limit at %d",
262+
new Object[] { count, arraySizeLimit });
263+
throw new SizeLimitException(reason);
260264
}
261265
a.acceptArray(count);
262266
stack.reduceCount();
@@ -278,8 +282,10 @@ private boolean readOneWithoutStackLarge(Accept a, final int b) throws IOExcepti
278282
case 0xdf: // map 32
279283
{
280284
int count = in.getInt();
281-
if (count < 0) {
282-
throw new IOException("Map size too large"); // TODO error MessageSizeException
285+
if (count < 0 && count > mapSizeLimit) {
286+
String reason = String.format("Size of map (%d) over limit at %d",
287+
new Object[] { count, mapSizeLimit });
288+
throw new SizeLimitException(reason);
283289
}
284290
a.acceptMap(count);
285291
stack.reduceCount();
Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
//
2+
// MessagePack for Java
3+
//
4+
// Copyright (C) 2011 Muga Nishizawa
5+
//
6+
// Licensed under the Apache License, Version 2.0 (the "License");
7+
// you may not use this file except in compliance with the License.
8+
// You may obtain a copy of the License at
9+
//
10+
// http://www.apache.org/licenses/LICENSE-2.0
11+
//
12+
// Unless required by applicable law or agreed to in writing, software
13+
// distributed under the License is distributed on an "AS IS" BASIS,
14+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15+
// See the License for the specific language governing permissions and
16+
// limitations under the License.
17+
//
18+
package org.msgpack.unpacker;
19+
20+
import org.msgpack.MessageTypeException;
21+
22+
23+
@SuppressWarnings("serial")
24+
public class SizeLimitException extends MessageTypeException {
25+
public SizeLimitException() {
26+
super();
27+
}
28+
29+
public SizeLimitException(String message) {
30+
super(message);
31+
}
32+
33+
public SizeLimitException(String message, Throwable cause) {
34+
super(message, cause);
35+
}
36+
37+
public SizeLimitException(Throwable cause) {
38+
super(cause);
39+
}
40+
}

src/main/java/org/msgpack/unpacker/Unpacker.java

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -90,5 +90,12 @@ public interface Unpacker extends Iterable<Value>, Closeable {
9090
public long getReadByteCount();
9191

9292
public void resetReadByteCount();
93+
94+
95+
public void setRawSizeLimit(long size);
96+
97+
public void setArraySizeLimit(int size);
98+
99+
public void setMapSizeLimit(int size);
93100
}
94101

0 commit comments

Comments
 (0)