
Commit a7c1ab5

authored
Validate Stomp headers against max frame size (#2104) (#2108)
Updates the Stomp codec to check headers against the max frame size while the headers are being read, rather than afterwards when reading the body. (cherry picked from commit 7cb413b)
1 parent 7e6705f commit a7c1ab5

2 files changed

Lines changed: 18 additions & 5 deletions


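--- a/activemq-stomp/src/main/java/org/apache/activemq/transport/stomp/StompCodec.java
+++ b/activemq-stomp/src/main/java/org/apache/activemq/transport/stomp/StompCodec.java
@@ -67,6 +67,15 @@ public void parse(ByteArrayInputStream input, int readSize) throws Exception {
 }
 
 currentCommand.write(b);
+
+if (currentCommand.size() > wireFormat.getMaxFrameSize()) {
+StompFrameError errorFrame = new StompFrameError(
+new ProtocolException("The maximum frame size was exceeded while processing headers.", true));
+errorFrame.setAction(this.action);
+transport.doConsume(errorFrame);
+return;
+}
+
 // end of headers section, parse action and header
 if (b == '\n' && (previousByte == '\n' || currentCommand.endsWith(crlfcrlf))) {
 DataByteArrayInputStream data = new DataByteArrayInputStream(currentCommand.toByteArray());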
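Review bot: The new guard in parse() returns as soon as `currentCommand.size()` exceeds `wireFormat.getMaxFrameSize()`, but it leaves `currentCommand` and the rest of the parser state untouched, so the memory bound holds only if the transport closes the connection on this fatal ProtocolException, which is not visible here. If the connection can stay open, each later parse() call would append to the already oversized buffer and emit another ERROR frame. Either reset the codec state before `return;` or state the dependency in a comment, e.g. `// fatal error: the transport is expected to drop the connection, so codec state is deliberately not reset`. Also, `errorFrame.setAction(this.action)` runs before the "parse action and header" step below it, so `this.action` appears not to have been set for the current frame yet. parse() starts and ends outside the hunk.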

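--- a/activemq-stomp/src/test/java/org/apache/activemq/transport/stomp/StompMaxFrameSizeTest.java
+++ b/activemq-stomp/src/test/java/org/apache/activemq/transport/stomp/StompMaxFrameSizeTest.java
@@ -205,25 +205,25 @@ public void testOversizedActionOnNioSslSocket() throws Exception {
 @Test(timeout = 60000)
 public void testOversizedHeadersOnPlainSocket() throws Exception {
 Assume.assumeTrue(testType == TestType.FRAME_MAX_LESS_THAN_HEADER_MAX);
-doTestOversizedHeaders(port, false);
+doTestOversizedHeaders(port, false, false);
 }
 
 @Test(timeout = 60000)
 public void testOversizedHeadersOnNioSocket() throws Exception {
 Assume.assumeTrue(testType == TestType.FRAME_MAX_LESS_THAN_HEADER_MAX);
-doTestOversizedHeaders(nioPort, false);
+doTestOversizedHeaders(nioPort, false, true);
 }
 
 @Test(timeout = 60000)
 public void testOversizedHeadersOnSslSocket() throws Exception {
 Assume.assumeTrue(testType == TestType.FRAME_MAX_LESS_THAN_HEADER_MAX);
-doTestOversizedHeaders(sslPort, true);
+doTestOversizedHeaders(sslPort, true, false);
 }
 
 @Test(timeout = 60000)
 public void testOversizedHeadersOnNioSslSocket() throws Exception {
 Assume.assumeTrue(testType == TestType.FRAME_MAX_LESS_THAN_HEADER_MAX);
-doTestOversizedHeaders(nioSslPort, true);
+doTestOversizedHeaders(nioSslPort, true, true);
 }
 
 protected void doTestOversizedAction(int port, boolean useSsl) throws Exception {
@@ -242,7 +242,7 @@ protected void doTestOversizedAction(int port, boolean useSsl) throws Exception
 assertTrue(received.getBody().contains("maximum frame size"));
 }
 
-protected void doTestOversizedHeaders(int port, boolean useSsl) throws Exception {
+protected void doTestOversizedHeaders(int port, boolean useSsl, boolean nio) throws Exception {
 initializeStomp(port, useSsl);
 
 StringBuilder headers = new StringBuilder(maxFrameSize + 100);
@@ -259,6 +259,10 @@ protected void doTestOversizedHeaders(int port, boolean useSsl) throws Exception
 assertNotNull(received);
 assertEquals("ERROR", received.getAction());
 assertTrue(received.getBody().contains("maximum frame size"));
+// verify we terminated during header processing and not later during the action
+if (nio) {
+assertTrue(received.getBody().contains("while processing headers"));
+}
 }
 
 protected void doOversizedTestMessage(int port, boolean useSsl, int dataSize) throws Exception {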
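Review bot: In doTestOversizedHeaders the stricter assertion `received.getBody().contains("while processing headers")` runs only when `nio` is true, and the comment above it does not say why the plain and SSL socket variants are exempt. As written, those two tests still pass if the limit is enforced only after the headers have been buffered, so early rejection on that path is unverified. If the exemption is intentional (presumably those transports do not decode through StompCodec), say so, e.g. `// only the NIO transports decode through StompCodec; the blocking transports report a different message`, or assert the message that path is expected to produce. The method body begins and ends outside the hunks shown.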
