This is an automated email from the ASF dual-hosted git repository. rgoers pushed a commit to branch release-2.x in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
commit e7522b6405f7f5c6a3d2effd272452a481785384 Author: Ralph Goers <[email protected]> AuthorDate: Mon Dec 2 23:01:18 2019 -0700 LOG4J2-2707 - ArrayIndexOutOfBoundsException could occur with MAC address longer than 6 characters --- .../apache/logging/log4j/core/util/UuidUtil.java | 26 +++++++++++++--------- .../apache/logging/log4j/core/util/UuidTest.java | 16 +++++++++++++ src/changes/changes.xml | 3 +++ 3 files changed, 34 insertions(+), 11 deletions(-) diff --git a/log4j-core/src/main/java/org/apache/logging/log4j/core/util/UuidUtil.java b/log4j-core/src/main/java/org/apache/logging/log4j/core/util/UuidUtil.java index 7b392ed..cf1d9d3 100644 --- a/log4j-core/src/main/java/org/apache/logging/log4j/core/util/UuidUtil.java +++ b/log4j-core/src/main/java/org/apache/logging/log4j/core/util/UuidUtil.java @@ -52,8 +52,6 @@ public final class UuidUtil { private static final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L; private static final long INITIAL_UUID_SEQNO = PropertiesUtil.getProperties().getLongProperty(UUID_SEQUENCE, 0); - private static final long LEAST; - private static final long LOW_MASK = 0xffffffffL; private static final long MID_MASK = 0xffff00000000L; private static final long HIGH_MASK = 0xfff000000000000L; @@ -63,8 +61,19 @@ public final class UuidUtil { private static final int SHIFT_6 = 48; private static final int HUNDRED_NANOS_PER_MILLI = 10000; - static { - byte[] mac = NetUtils.getMacAddress(); + private static final long LEAST = initialize(NetUtils.getMacAddress()); + + /* This class cannot be instantiated */ + private UuidUtil() { + } + + /** + * Initializes this class + * + * @param mac MAC address + * @return Least + */ + static long initialize(byte[] mac) { final Random randomGenerator = new SecureRandom(); if (mac == null || mac.length == 0) { mac = new byte[6]; @@ -78,7 +87,7 @@ public final class UuidUtil { for (int i = 2; i < NODE_SIZE; ++i) { node[i] = 0; } - System.arraycopy(mac, index, node, index + 2, length); + System.arraycopy(mac, index, node, 2, length); final ByteBuffer buf = ByteBuffer.wrap(node); long rand = INITIAL_UUID_SEQNO; String assigned = PropertiesUtil.getProperties().getStringProperty(ASSIGNED_SEQUENCES); @@ -114,12 +123,7 @@ public final class UuidUtil { assigned = assigned == null ? Long.toString(rand) : assigned + ',' + Long.toString(rand); System.setProperty(ASSIGNED_SEQUENCES, assigned); - LEAST = buf.getLong() | rand << SHIFT_6; - } - - - /* This class cannot be instantiated */ - private UuidUtil() { + return buf.getLong() | rand << SHIFT_6; } /** diff --git a/log4j-core/src/test/java/org/apache/logging/log4j/core/util/UuidTest.java b/log4j-core/src/test/java/org/apache/logging/log4j/core/util/UuidTest.java index 556f765..dbb4517 100644 --- a/log4j-core/src/test/java/org/apache/logging/log4j/core/util/UuidTest.java +++ b/log4j-core/src/test/java/org/apache/logging/log4j/core/util/UuidTest.java @@ -64,6 +64,22 @@ public class UuidTest { } @Test + public void testInitialize() { + // Test if no ArrayIndexOutOfBoundsException is thrown when Mac address array is null + UuidUtil.initialize(null); + + // Test if no ArrayIndexOutOfBoundsException is thrown for different Mac address lengths + for (int i=0; i < 10; i++) { + // Create MAC address byte array with i as size + byte[] mac = new byte[i]; + for(int j=0; j < i; j++) { + mac[j] = (byte)j; + } + UuidUtil.initialize(mac); + } + } + + @Test public void testThreads() throws Exception { final Thread[] threads = new Thread[THREADS]; final UUID[] uuids = new UUID[COUNT * THREADS]; diff --git a/src/changes/changes.xml b/src/changes/changes.xml index cfa07b7..f9072b7 100644 --- a/src/changes/changes.xml +++ b/src/changes/changes.xml @@ -30,6 +30,9 @@ - "remove" - Removed --> <release version="2.13.0" date="2019-MM-DD" description="GA Release 2.13.0"> + <action issue="LOG4J@-2707" dev="rgoers" type="fix" due-to="supertomcat"> + ArrayIndexOutOfBoundsException could occur with MAC address longer than 6 bytes. + </action> <action issue="LOG4J2-63" dev="rgoers" type="add"> Add experimental support for Log4j 1 configuration files. </action>
