From: "victorsosa (JIRA)"
To: issues@struts.apache.org
Date: Mon, 27 Jun 2016 15:26:52 +0000 (UTC)
Subject: [jira] [Commented] (WW-4620) ParametersInterceptor should check collection index to against DOS

[ https://issues.apache.org/jira/browse/WW-4620?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15351230#comment-15351230 ]

victorsosa commented on WW-4620:
--------------------------------

Ok, I will close the PR

> ParametersInterceptor should check collection index to against DOS
> ------------------------------------------------------------------
>
>                 Key: WW-4620
>                 URL: https://issues.apache.org/jira/browse/WW-4620
>             Project: Struts 2
>          Issue Type: Improvement
>          Components: Core Interceptors
>            Reporter: zhouyanming
>            Priority: Critical
>             Fix For: 2.3.30, 2.5.2
>
>
> https://dzone.com/articles/spring-initbinder-for-handling-large-list-of-java
>
> This is my workaround:
>
> {code:java}
> import org.apache.commons.lang3.StringUtils;
>
> import com.opensymphony.xwork2.interceptor.ParametersInterceptor;
> import com.opensymphony.xwork2.util.logging.Logger;
> import com.opensymphony.xwork2.util.logging.LoggerFactory;
>
> public class ParamsInterceptor extends ParametersInterceptor {
>
>     private static final Logger LOG = LoggerFactory.getLogger(ParamsInterceptor.class);
>
>     // Highest collection index a request parameter name may address; configurable
>     // through the interceptor's setter so the bound can be tuned per application.
>     protected int autoGrowCollectionLimit = 255;
>
>     public void setAutoGrowCollectionLimit(int autoGrowCollectionLimit) {
>         this.autoGrowCollectionLimit = autoGrowCollectionLimit;
>     }
>
>     @Override
>     protected boolean acceptableName(String name) {
>         boolean b = super.acceptableName(name);
>         if (b) {
>             // Walk every [...] segment of the name, e.g. "items[3].tags[7]".
>             int start = name.indexOf('[');
>             while (start >= 0) {
>                 int end = name.indexOf(']', start);
>                 if (end < 0)
>                     break;
>                 String s = name.substring(start + 1, end);
>                 if (StringUtils.isNumeric(s)) {
>                     // A digit run too long for an int is far beyond any sane limit and
>                     // must be rejected here instead of letting Integer.parseInt throw
>                     // NumberFormatException out of the interceptor.
>                     if (s.length() > 9 || Integer.parseInt(s) > autoGrowCollectionLimit) {
>                         // The xwork2 Logger takes String varargs, so the int limit is converted.
>                         LOG.warn("Parameter \"#0\" exceeds max index: [#1]", name,
>                                  String.valueOf(autoGrowCollectionLimit));
>                         return false;
>                     }
>                 }
>                 start = name.indexOf('[', end);
>             }
>         }
>         return b;
>     }
> }
> {code}

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
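The workaround quoted in the issue can only be exercised inside a Struts request pipeline. The following is an added, stand-alone illustration of the same defensive check (it is not code from the issue, the reporter, or the Struts project): a hypothetical `CollectionIndexGuard` class extracts every bracketed segment of a parameter name with a regular expression instead of the `indexOf` loop, treats non-numeric segments as map keys that carry no auto-grow risk, checks every nested index rather than only the first, and rejects a digit run too long for an `int` instead of letting `Integer.parseInt` throw. The class name, the default limit of 255 and the sample parameter names in `main` are assumptions and constructed inputs, not values taken from any real request.

```java
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
 * Hypothetical, framework-independent version of the collection index bound
 * check discussed in WW-4620. Not Struts code; it exists so the rule can be
 * run and reasoned about without a ParametersInterceptor in the loop.
 */
public class CollectionIndexGuard {

    // Matches each [...] segment of a parameter name such as "items[3].name".
    private static final Pattern BRACKET = Pattern.compile("\\[([^\\]]*)\\]");

    // Highest index a request may address; anything larger is refused so an
    // attacker-controlled index cannot force a huge auto-grown collection.
    private final int autoGrowCollectionLimit;

    public CollectionIndexGuard(int autoGrowCollectionLimit) {
        this.autoGrowCollectionLimit = autoGrowCollectionLimit;
    }

    /** Returns true when every numeric index in the name is within the limit. */
    public boolean acceptableIndexes(String name) {
        Matcher m = BRACKET.matcher(name);
        while (m.find()) {
            String s = m.group(1);
            if (!isAsciiDigits(s)) {
                continue; // a map key such as [foo] does not grow a list
            }
            // More than 9 digits cannot be a sane index and would overflow
            // Integer.parseInt; reject it without ever calling parseInt.
            // (A value like "0000000000" is also refused; that is acceptable
            // for a guard, since a legitimate client never writes it.)
            if (s.length() > 9 || Integer.parseInt(s) > autoGrowCollectionLimit) {
                return false;
            }
        }
        return true;
    }

    // Only ASCII digits count as an index; Unicode digit classes are not accepted.
    private static boolean isAsciiDigits(String s) {
        if (s.isEmpty()) {
            return false;
        }
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            if (c < '0' || c > '9') {
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) {
        CollectionIndexGuard guard = new CollectionIndexGuard(255);
        // Constructed sample parameter names covering the interesting cases.
        List<String> names = List.of(
            "user.name",               // no index at all: accept
            "items[0].price",          // small index: accept
            "items[255].price",        // exactly at the limit: accept
            "items[256].price",        // one past the limit: reject
            "rows[2].cells[9999]",     // inner index past the limit: reject
            "items[99999999999].id",   // would overflow int: reject, no exception
            "props[abc].value"         // map key, not an index: accept
        );
        for (String n : names) {
            System.out.printf("%-26s -> %s%n", n,
                    guard.acceptableIndexes(n) ? "accept" : "reject");
        }
    }
}
```

Compile and run it with `javac CollectionIndexGuard.java && java CollectionIndexGuard`; the regex approach is used here so each bracketed segment is visited exactly once and a stray `[` without a closing `]` is simply ignored rather than needing the explicit `end < 0` check of the `indexOf` version.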