Changeset 2d2348f


Ignore:
Timestamp:
Aug 3, 2014 2:36:20 PM (6 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
b7e0dab
Parents:
b28eb70
Message:

payload bounds check

Files:
2 edited

Legend:

Unmodified
Added
Removed
  • core/java/src/net/i2p/data/Payload.java

    rb28eb70 r2d2348f  
    3030    private byte[] _unencryptedData;
    3131
     32    /** So we don't OOM on I2CP protocol errors. Actual max is smaller. */
     33    private static final int MAX_LENGTH = 64*1024;
     34
    3235    public Payload() {
    3336    }
     
    5255     * Deprecated.
    5356     * Unless you are doing encryption, use setEncryptedData() instead.
     57     * @throws IllegalArgumentException if bigger than 64KB
    5458     */
    5559    public void setUnencryptedData(byte[] data) {
     60        if (data.length > MAX_LENGTH)
     61            throw new IllegalArgumentException();
    5662        _unencryptedData = data;
    5763    }
     
    6268    }
    6369
    64     /** the real data */
     70    /**
     71     * the real data
     72     * @throws IllegalArgumentException if bigger than 64KB
     73     */
    6574    public void setEncryptedData(byte[] data) {
     75        if (data.length > MAX_LENGTH)
     76            throw new IllegalArgumentException();
    6677        _encryptedData = data;
    6778    }
     
    7889    public void readBytes(InputStream in) throws DataFormatException, IOException {
    7990        int size = (int) DataHelper.readLong(in, 4);
    80         if (size < 0) throw new DataFormatException("payload size out of range (" + size + ")");
     91        if (size < 0 || size > MAX_LENGTH) throw new DataFormatException("payload size out of range (" + size + ")");
    8192        _encryptedData = new byte[size];
    8293        int read = read(in, _encryptedData);
  • router/java/src/net/i2p/router/RouterVersion.java

    rb28eb70 r2d2348f  
    1919    public final static String ID = "Monotone";
    2020    public final static String VERSION = CoreVersion.VERSION;
    21     public final static long BUILD = 2;
     21    public final static long BUILD = 3;
    2222
    2323    /** for example "-test" */
Note: See TracChangeset for help on using the changeset viewer.