Repository: cassandra Updated Branches: refs/heads/cassandra-2.0 cf60d1eb8 -> 1a096efeb
Better validation of collection values patch by slebresne; reviewed by thobbs for CASSANDRA-7833 Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/1a096efe Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/1a096efe Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/1a096efe Branch: refs/heads/cassandra-2.0 Commit: 1a096efebb51a782bc31e4dfd35e4b7fb8dba56f Parents: cf60d1e Author: Sylvain Lebresne <[email protected]> Authored: Thu Oct 2 09:47:44 2014 +0200 Committer: Sylvain Lebresne <[email protected]> Committed: Thu Oct 2 09:47:44 2014 +0200 ---------------------------------------------------------------------- CHANGES.txt | 1 + src/java/org/apache/cassandra/serializers/ListSerializer.java | 2 ++ src/java/org/apache/cassandra/serializers/MapSerializer.java | 2 ++ src/java/org/apache/cassandra/serializers/SetSerializer.java | 2 ++ 4 files changed, 7 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cassandra/blob/1a096efe/CHANGES.txt ---------------------------------------------------------------------- diff --git a/CHANGES.txt b/CHANGES.txt index 0e5a0d0..3454928 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,4 +1,5 @@ 2.0.11: + * Better validation of collection values (CASSANDRA-7833) * Fix possible overflow while sorting CL segments for replay (CASSANDRA-7992) * Increase nodetool Xmx (CASSANDRA-7956) * Archive any commitlog segments present at startup (CASSANDRA-6904) http://git-wip-us.apache.org/repos/asf/cassandra/blob/1a096efe/src/java/org/apache/cassandra/serializers/ListSerializer.java ---------------------------------------------------------------------- diff --git a/src/java/org/apache/cassandra/serializers/ListSerializer.java b/src/java/org/apache/cassandra/serializers/ListSerializer.java index 59f25d2..74cab7e 100644 --- a/src/java/org/apache/cassandra/serializers/ListSerializer.java +++ b/src/java/org/apache/cassandra/serializers/ListSerializer.java @@ -60,6 +60,8 @@ public class ListSerializer<T> extends CollectionSerializer<List<T>> elements.validate(databb); l.add(elements.deserialize(databb)); } + if (input.hasRemaining()) + throw new MarshalException("Unexpected extraneous bytes after list value"); return l; } catch (BufferUnderflowException e) http://git-wip-us.apache.org/repos/asf/cassandra/blob/1a096efe/src/java/org/apache/cassandra/serializers/MapSerializer.java ---------------------------------------------------------------------- diff --git a/src/java/org/apache/cassandra/serializers/MapSerializer.java b/src/java/org/apache/cassandra/serializers/MapSerializer.java index f79d07f..47515a1 100644 --- a/src/java/org/apache/cassandra/serializers/MapSerializer.java +++ b/src/java/org/apache/cassandra/serializers/MapSerializer.java @@ -68,6 +68,8 @@ public class MapSerializer<K, V> extends CollectionSerializer<Map<K, V>> m.put(keys.deserialize(kbb), values.deserialize(vbb)); } + if (input.hasRemaining()) + throw new MarshalException("Unexpected extraneous bytes after map value"); return m; } catch (BufferUnderflowException e) http://git-wip-us.apache.org/repos/asf/cassandra/blob/1a096efe/src/java/org/apache/cassandra/serializers/SetSerializer.java ---------------------------------------------------------------------- diff --git a/src/java/org/apache/cassandra/serializers/SetSerializer.java b/src/java/org/apache/cassandra/serializers/SetSerializer.java index d6d7062..a6df281 100644 --- a/src/java/org/apache/cassandra/serializers/SetSerializer.java +++ b/src/java/org/apache/cassandra/serializers/SetSerializer.java @@ -60,6 +60,8 @@ public class SetSerializer<T> extends CollectionSerializer<Set<T>> elements.validate(databb); l.add(elements.deserialize(databb)); } + if (input.hasRemaining()) + throw new MarshalException("Unexpected extraneous bytes after set value"); return l; } catch (BufferUnderflowException e)
