Repository: activemq-artemis
Updated Branches:
  refs/heads/master f820e0124 -> 895ffb5b3


Treat STOMP 1.1+ undefined header escape sequences as errors

https://stomp.github.io/stomp-specification-1.2.html#Value_Encoding


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/a99617ae
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/a99617ae
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/a99617ae

Branch: refs/heads/master
Commit: a99617ae6b237a997f683ef340b3ba79f54efe69
Parents: f820e01
Author: Ville Skyttä <ville.sky...@iki.fi>
Authored: Tue Jan 26 16:31:30 2016 +0200
Committer: Clebert Suconic <clebertsuco...@apache.org>
Committed: Wed Nov 30 17:56:49 2016 -0500

----------------------------------------------------------------------
 .../protocol/stomp/ActiveMQStompException.java  |  1 +
 .../ActiveMQStompProtocolMessageBundle.java     |  3 ++
 .../core/protocol/stomp/StompConnection.java    |  1 +
 .../stomp/v11/StompFrameHandlerV11.java         |  9 +++++
 .../stomp/v12/StompFrameHandlerV12.java         |  3 ++
 .../integration/stomp/v11/StompV11Test.java     | 33 ++++++++++++++++++
 .../integration/stomp/v12/StompV12Test.java     | 36 ++++++++++++++++++++
 7 files changed, 86 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/a99617ae/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/ActiveMQStompException.java
----------------------------------------------------------------------
diff --git 
a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/ActiveMQStompException.java
 
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/ActiveMQStompException.java
index 118f7f8..f4f23e6 100644
--- 
a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/ActiveMQStompException.java
+++ 
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/ActiveMQStompException.java
@@ -25,6 +25,7 @@ public class ActiveMQStompException extends Exception {
    public static final int NONE = 0;
    public static final int INVALID_EOL_V10 = 1;
    public static final int INVALID_COMMAND = 2;
+   public static final int UNDEFINED_ESCAPE = 3;
 
    private static final long serialVersionUID = -274452327574950068L;
 

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/a99617ae/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/ActiveMQStompProtocolMessageBundle.java
----------------------------------------------------------------------
diff --git 
a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/ActiveMQStompProtocolMessageBundle.java
 
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/ActiveMQStompProtocolMessageBundle.java
index e535725..8108f32 100644
--- 
a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/ActiveMQStompProtocolMessageBundle.java
+++ 
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/ActiveMQStompProtocolMessageBundle.java
@@ -150,4 +150,7 @@ public interface ActiveMQStompProtocolMessageBundle {
 
    @Message(id = 339039, value = "No id header in ACK/NACK frame.")
    ActiveMQStompException noIDInAck();
+
+   @Message(id = 339040, value = "Undefined escape sequence: {0}", format = 
Message.Format.MESSAGE_FORMAT)
+   ActiveMQStompException undefinedEscapeSequence(String sequence);
 }

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/a99617ae/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompConnection.java
----------------------------------------------------------------------
diff --git 
a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompConnection.java
 
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompConnection.java
index a6ddf68..6dcff64 100644
--- 
a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompConnection.java
+++ 
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompConnection.java
@@ -121,6 +121,7 @@ public final class StompConnection implements 
RemotingConnection {
                frame = decode(buffer);
                break;
             case ActiveMQStompException.INVALID_COMMAND:
+            case ActiveMQStompException.UNDEFINED_ESCAPE:
                frameHandler.onError(e);
                break;
             default:

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/a99617ae/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v11/StompFrameHandlerV11.java
----------------------------------------------------------------------
diff --git 
a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v11/StompFrameHandlerV11.java
 
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v11/StompFrameHandlerV11.java
index c4a9a61..867cdd8 100644
--- 
a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v11/StompFrameHandlerV11.java
+++ 
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v11/StompFrameHandlerV11.java
@@ -558,6 +558,12 @@ public class StompFrameHandlerV11 extends 
VersionedStompFrameHandler implements
          }
       }
 
+      protected void throwUndefinedEscape(byte b) throws 
ActiveMQStompException {
+         ActiveMQStompException error = BUNDLE.undefinedEscapeSequence(new 
String(new char[]{ESC_CHAR, (char) b})).setHandler(handler);
+         error.setCode(ActiveMQStompException.UNDEFINED_ESCAPE);
+         throw error;
+      }
+
       @Override
       protected boolean parseHeaders() throws ActiveMQStompException {
 
@@ -645,6 +651,9 @@ public class StompFrameHandlerV11 extends 
VersionedStompFrameHandler implements
 
                   headerValueWhitespace = false;
 
+                  if (isEscaping) {
+                     throwUndefinedEscape(b);
+                  }
                   holder.append(b);
                }
             }

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/a99617ae/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v12/StompFrameHandlerV12.java
----------------------------------------------------------------------
diff --git 
a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v12/StompFrameHandlerV12.java
 
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v12/StompFrameHandlerV12.java
index 2149721..6b211d2 100644
--- 
a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v12/StompFrameHandlerV12.java
+++ 
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v12/StompFrameHandlerV12.java
@@ -230,6 +230,9 @@ public class StompFrameHandlerV12 extends 
StompFrameHandlerV11 {
 
                   headerValueWhitespace = false;
 
+                  if (isEscaping) {
+                     throwUndefinedEscape(b);
+                  }
                   holder.append(b);
                }
             }

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/a99617ae/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/stomp/v11/StompV11Test.java
----------------------------------------------------------------------
diff --git 
a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/stomp/v11/StompV11Test.java
 
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/stomp/v11/StompV11Test.java
index 4d42a34..2bd15a1 100644
--- 
a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/stomp/v11/StompV11Test.java
+++ 
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/stomp/v11/StompV11Test.java
@@ -389,6 +389,39 @@ public class StompV11Test extends StompV11TestBase {
       newConn.disconnect();
    }
 
+   /**
+    * In 1.1, undefined escapes must cause a fatal protocol error.
+    */
+   @Test
+   public void testHeaderUndefinedEscape() throws Exception {
+      connV11.connect(defUser, defPass);
+      ClientStompFrame frame = connV11.createFrame("SEND");
+
+      String body = "Hello World 1!";
+      String cLen = 
String.valueOf(body.getBytes(StandardCharsets.UTF_8).length);
+
+      frame.addHeader("destination", getQueuePrefix() + getQueueName());
+      frame.addHeader("content-type", "text/plain");
+      frame.addHeader("content-length", cLen);
+      String hKey = "undefined-escape";
+      String hVal = "is\\ttab";
+      frame.addHeader(hKey, hVal);
+
+      System.out.println("key: |" + hKey + "| val: |" + hVal + "|");
+
+      frame.setBody(body);
+
+      connV11.sendFrame(frame);
+
+      ClientStompFrame error = connV11.receiveFrame();
+
+      System.out.println("received " + error);
+
+      String desc = "Should have received an ERROR for undefined escape 
sequence";
+      Assert.assertNotNull(desc, error);
+      Assert.assertEquals(desc, "ERROR", error.getCommand());
+   }
+
    @Test
    public void testHeartBeat() throws Exception {
       //no heart beat at all if heat-beat absent

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/a99617ae/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/stomp/v12/StompV12Test.java
----------------------------------------------------------------------
diff --git 
a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/stomp/v12/StompV12Test.java
 
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/stomp/v12/StompV12Test.java
index c075da5..d3ef89a 100644
--- 
a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/stomp/v12/StompV12Test.java
+++ 
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/stomp/v12/StompV12Test.java
@@ -564,6 +564,42 @@ public class StompV12Test extends StompV11TestBase {
       newConn.disconnect();
    }
 
+   /**
+    * In 1.2, undefined escapes must cause a fatal protocol error.
+    */
+   @Test
+   public void testHeaderUndefinedEscape() throws Exception {
+      connV12.connect(defUser, defPass);
+      ClientStompFrame frame = connV12.createFrame("SEND");
+
+      String body = "Hello World 1!";
+      String cLen = 
String.valueOf(body.getBytes(StandardCharsets.UTF_8).length);
+
+      frame.addHeader("destination", getQueuePrefix() + getQueueName());
+      frame.addHeader("content-type", "text/plain");
+      frame.addHeader("content-length", cLen);
+      String hKey = "undefined-escape";
+      String hVal = "is\\ttab";
+      frame.addHeader(hKey, hVal);
+
+      System.out.println("key: |" + hKey + "| val: |" + hVal + "|");
+
+      frame.setBody(body);
+
+      connV12.sendFrame(frame);
+
+      ClientStompFrame error = connV12.receiveFrame();
+
+      System.out.println("received " + error);
+
+      String desc = "Should have received an ERROR for undefined escape 
sequence";
+      Assert.assertNotNull(desc, error);
+      Assert.assertEquals(desc, "ERROR", error.getCommand());
+
+      waitDisconnect(connV12);
+      Assert.assertFalse("Should be disconnected in STOMP 1.2 after ERROR", 
connV12.isConnected());
+   }
+
    @Test
    public void testHeartBeat() throws Exception {
       StompClientConnection conn = 
StompClientConnectionFactory.createClientConnection("1.2", hostname, port);

Reply via email to