juneau-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jamesbog...@apache.org
Subject incubator-juneau git commit: Prevent possible OOM in case of DDOS.
Date Tue, 02 May 2017 12:31:36 GMT
Repository: incubator-juneau
Updated Branches:
  refs/heads/master c3609d051 -> 831a2bd9f


Prevent possible OOM in case of DDOS.

Project: http://git-wip-us.apache.org/repos/asf/incubator-juneau/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-juneau/commit/831a2bd9
Tree: http://git-wip-us.apache.org/repos/asf/incubator-juneau/tree/831a2bd9
Diff: http://git-wip-us.apache.org/repos/asf/incubator-juneau/diff/831a2bd9

Branch: refs/heads/master
Commit: 831a2bd9f8da1c924f385c654b363b904b2905a7
Parents: c3609d0
Author: JamesBognar <jamesbognar@apache.org>
Authored: Tue May 2 08:31:30 2017 -0400
Committer: JamesBognar <jamesbognar@apache.org>
Committed: Tue May 2 08:31:30 2017 -0400

----------------------------------------------------------------------
 .../java/org/apache/juneau/https/AcceptTest.java  |  1 -
 .../main/java/org/apache/juneau/http/Accept.java  | 18 ++++++++++++------
 .../org/apache/juneau/http/AcceptEncoding.java    | 18 ++++++++++++------
 .../java/org/apache/juneau/http/ContentType.java  | 16 +++++++++++-----
 4 files changed, 35 insertions(+), 18 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-juneau/blob/831a2bd9/juneau-core-test/src/test/java/org/apache/juneau/https/AcceptTest.java
----------------------------------------------------------------------
diff --git a/juneau-core-test/src/test/java/org/apache/juneau/https/AcceptTest.java b/juneau-core-test/src/test/java/org/apache/juneau/https/AcceptTest.java
index dd905a6..8a2b174 100644
--- a/juneau-core-test/src/test/java/org/apache/juneau/https/AcceptTest.java
+++ b/juneau-core-test/src/test/java/org/apache/juneau/https/AcceptTest.java
@@ -42,7 +42,6 @@ public class AcceptTest {
 			{ "SimpleNoMatch-2", "text/jso", "['text/json']", -1 },
 			{ "SimpleNoMatch-3", "text/json", "['application/json']", -1 },
 			{ "SimpleNoMatch-4", "text/json", "[]", -1 },
-			{ "SimpleNoMatch-5", null, "['text/json']", -1 },
 			
 			// Meta-character matches
 			{ "MetaMatch-1", "text/*", "['text/a','text/b+c','text/b+d+e']", 2 },

http://git-wip-us.apache.org/repos/asf/incubator-juneau/blob/831a2bd9/juneau-core/src/main/java/org/apache/juneau/http/Accept.java
----------------------------------------------------------------------
diff --git a/juneau-core/src/main/java/org/apache/juneau/http/Accept.java b/juneau-core/src/main/java/org/apache/juneau/http/Accept.java
index ce7119f..5fabc73 100644
--- a/juneau-core/src/main/java/org/apache/juneau/http/Accept.java
+++ b/juneau-core/src/main/java/org/apache/juneau/http/Accept.java
@@ -122,7 +122,7 @@ import org.apache.juneau.internal.*;
  */
 public final class Accept {
 
-	private static final boolean nocache = Boolean.getBoolean("juneau.nocache");
+	private static final boolean nocache = Boolean.getBoolean("juneau.http.Accept.nocache");
 	private static final ConcurrentHashMap<String,Accept> cache = new ConcurrentHashMap<String,Accept>();
 
 	private final MediaTypeRange[] mediaRanges;
@@ -132,19 +132,25 @@ public final class Accept {
 	 * Returns a parsed <code>Accept</code> header.
 	 *
 	 * @param s The <code>Accept</code> header string.
-	 * @return The parsed <code>Accept</code> header.
+	 * @return The parsed <code>Accept</code> header, or <jk>null</jk>
if the string was null.
 	 */
 	public static Accept forString(String s) {
 		if (s == null)
-			s = "null";
-		Accept a = cache.get(s);
-		if (a == null) {
+			return null;
+
+		// Prevent OOM in case of DDOS
+		if (cache.size() > 1000)
+			cache.clear();
+
+		while (true) {
+			Accept a = cache.get(s);
+			if (a != null)
+				return a;
 			a = new Accept(s);
 			if (nocache)
 				return a;
 			cache.putIfAbsent(s, a);
 		}
-		return cache.get(s);
 	}
 
 	private Accept(String raw) {

http://git-wip-us.apache.org/repos/asf/incubator-juneau/blob/831a2bd9/juneau-core/src/main/java/org/apache/juneau/http/AcceptEncoding.java
----------------------------------------------------------------------
diff --git a/juneau-core/src/main/java/org/apache/juneau/http/AcceptEncoding.java b/juneau-core/src/main/java/org/apache/juneau/http/AcceptEncoding.java
index e8c6886..8d83401 100644
--- a/juneau-core/src/main/java/org/apache/juneau/http/AcceptEncoding.java
+++ b/juneau-core/src/main/java/org/apache/juneau/http/AcceptEncoding.java
@@ -80,7 +80,7 @@ import org.apache.juneau.internal.*;
  */
 public final class AcceptEncoding {
 
-	private static final boolean nocache = Boolean.getBoolean("juneau.nocache");
+	private static final boolean nocache = Boolean.getBoolean("juneau.http.AcceptEncoding.nocache");
 	private static final ConcurrentHashMap<String,AcceptEncoding> cache = new ConcurrentHashMap<String,AcceptEncoding>();
 
 	private final TypeRange[] typeRanges;
@@ -90,19 +90,25 @@ public final class AcceptEncoding {
 	 * Returns a parsed <code>Accept-Encoding</code> header.
 	 *
 	 * @param s The <code>Accept-Encoding</code> header string.
-	 * @return The parsed <code>Accept-Encoding</code> header.
+	 * @return The parsed <code>Accept-Encoding</code> header, or <jk>null</jk>
if the string was null.
 	 */
 	public static AcceptEncoding forString(String s) {
 		if (s == null)
-			s = "null";
-		AcceptEncoding a = cache.get(s);
-		if (a == null) {
+			return null;
+
+		// Prevent OOM in case of DDOS
+		if (cache.size() > 1000)
+			cache.clear();
+
+		while (true) {
+			AcceptEncoding a = cache.get(s);
+			if (a != null)
+				return a;
 			a = new AcceptEncoding(s);
 			if (nocache)
 				return a;
 			cache.putIfAbsent(s, a);
 		}
-		return cache.get(s);
 	}
 
 	private AcceptEncoding(String raw) {

http://git-wip-us.apache.org/repos/asf/incubator-juneau/blob/831a2bd9/juneau-core/src/main/java/org/apache/juneau/http/ContentType.java
----------------------------------------------------------------------
diff --git a/juneau-core/src/main/java/org/apache/juneau/http/ContentType.java b/juneau-core/src/main/java/org/apache/juneau/http/ContentType.java
index 7f5570f..fcf48d8 100644
--- a/juneau-core/src/main/java/org/apache/juneau/http/ContentType.java
+++ b/juneau-core/src/main/java/org/apache/juneau/http/ContentType.java
@@ -34,26 +34,32 @@ import java.util.concurrent.*;
  */
 public class ContentType extends MediaType {
 
-	private static final boolean nocache = Boolean.getBoolean("juneau.nocache");
+	private static final boolean nocache = Boolean.getBoolean("juneau.http.ContentType.nocache");
 	private static final ConcurrentHashMap<String,ContentType> cache = new ConcurrentHashMap<String,ContentType>();
 
 	/**
 	 * Returns a parsed <code>Content-Type</code> header.
 	 *
 	 * @param s The <code>Content-Type</code> header string.
-	 * @return The parsed <code>Content-Type</code> header.
+	 * @return The parsed <code>Content-Type</code> header, or <jk>null</jk>
if the string was null.
 	 */
 	public static ContentType forString(String s) {
 		if (s == null)
 			return null;
-		ContentType mt = cache.get(s);
-		if (mt == null) {
+
+		// Prevent OOM in case of DDOS
+		if (cache.size() > 1000)
+			cache.clear();
+
+		while (true) {
+			ContentType mt = cache.get(s);
+			if (mt != null)
+				return mt;
 			mt = new ContentType(s);
 			if (nocache)
 				return mt;
 			cache.putIfAbsent(s, mt);
 		}
-		return cache.get(s);
 	}
 
 	private ContentType(String s) {


Mime
View raw message