I2P_Developers/i2p.itoopie
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

enforce some sanity checks on the payload size. see recent rant in DatabaseSearchReplyMessage commit for why

Browse Source 
this is necessary.
This commit is contained in:
jrandom
2004-06-19 23:58:24 +00:00
committed by zzz
parent 592519c45c
commit bbf73f0937
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
router/java/src/net/i2p/data/i2np/DataMessage.java
View File

@ -27,6 +27,8 @@ public class DataMessage extends I2NPMessageImpl {
public final static int MESSAGE_TYPE = 20; public final static int MESSAGE_TYPE = 20;
private byte _data[]; private byte _data[];
private static final int MAX_SIZE = 64*1024;
public DataMessage(I2PAppContext context) { public DataMessage(I2PAppContext context) {
super(context); super(context);
_data = null; _data = null;
@ -41,6 +43,8 @@ public class DataMessage extends I2NPMessageImpl {
if (type != MESSAGE_TYPE) throw new I2NPMessageException("Message type is incorrect for this message"); if (type != MESSAGE_TYPE) throw new I2NPMessageException("Message type is incorrect for this message");
try { try {
int size = (int)DataHelper.readLong(in, 4); int size = (int)DataHelper.readLong(in, 4);
if ( (size <= 0) || (size > MAX_SIZE) )
throw new I2NPMessageException("wtf, size out of range? " + size);
_data = new byte[size]; _data = new byte[size];
int read = read(in, _data); int read = read(in, _data);
if (read != size) if (read != size)