activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dej...@apache.org
Subject svn commit: r1133003 - in /activemq/trunk/activemq-core/src: main/java/org/apache/activemq/transport/nio/NIOTransport.java main/java/org/apache/activemq/transport/tcp/TcpTransport.java test/resources/activemq.xml
Date Tue, 07 Jun 2011 13:26:04 GMT
Author: dejanb
Date: Tue Jun  7 13:26:04 2011
New Revision: 1133003

URL: http://svn.apache.org/viewvc?rev=1133003&view=rev
Log:
https://issues.apache.org/jira/browse/AMQ-498 - prevent dos attack for nio transport by specifying
large frame size

Modified:
    activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOTransport.java
    activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/tcp/TcpTransport.java
    activemq/trunk/activemq-core/src/test/resources/activemq.xml

Modified: activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOTransport.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOTransport.java?rev=1133003&r1=1133002&r2=1133003&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOTransport.java
(original)
+++ activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOTransport.java
Tue Jun  7 13:26:04 2011
@@ -115,6 +115,9 @@ public class NIOTransport extends TcpTra
                     // for it.
                     inputBuffer.flip();
                     nextFrameSize = inputBuffer.getInt() + 4;
+                    if (nextFrameSize > maxFrameSize) {
+                        throw new IOException("Frame size of " + (nextFrameSize / (1024 *
1024)) + " MB larger than max allowed " + (maxFrameSize / (1024 * 1024)) + " MB");
+                    }
                     if (nextFrameSize > inputBuffer.capacity()) {
                         currentBuffer = ByteBuffer.allocate(nextFrameSize);
                         currentBuffer.putInt(nextFrameSize);

Modified: activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/tcp/TcpTransport.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/tcp/TcpTransport.java?rev=1133003&r1=1133002&r2=1133003&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/tcp/TcpTransport.java
(original)
+++ activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/tcp/TcpTransport.java
Tue Jun  7 13:26:04 2011
@@ -69,6 +69,10 @@ public class TcpTransport extends Transp
     protected DataOutputStream dataOut;
     protected DataInputStream dataIn;
     protected TimeStampStream buffOut = null;
+
+    protected int maxFrameSize = 104857600; //100MB
+
+
     /**
      * The Traffic Class to be set on the socket.
      */
@@ -319,6 +323,14 @@ public class TcpTransport extends Transp
         return socketBufferSize;
     }
 
+    public int getMaxFrameSize() {
+        return maxFrameSize;
+    }
+
+    public void setMaxFrameSize(int maxFrameSize) {
+        this.maxFrameSize = maxFrameSize;
+    }
+
     /**
      * Sets the buffer size to use on the socket
      */

Modified: activemq/trunk/activemq-core/src/test/resources/activemq.xml
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/resources/activemq.xml?rev=1133003&r1=1133002&r2=1133003&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/test/resources/activemq.xml (original)
+++ activemq/trunk/activemq-core/src/test/resources/activemq.xml Tue Jun  7 13:26:04 2011
@@ -26,13 +26,9 @@
   <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
 
   <broker useJmx="false"  xmlns="http://activemq.apache.org/schema/core" persistent="false">
-  
-    <networkConnectors>
-      <networkConnector uri="multicast://default"/>
-    </networkConnectors>
 
     <transportConnectors>
-      <transportConnector uri="tcp://localhost:0" discoveryUri="multicast://default"/>
+      <transportConnector uri="nio://localhost:61616?transport.maxFrameSize=10485760"
/>
     </transportConnectors>
         
   </broker>



Mime
View raw message