[rocketmq] branch develop updated: [ISSUE #4955] validate userProperties contain control character or not (#4956)

Wed, 31 Aug 2022 18:41:41 -0700 

This is an automated email from the ASF dual-hosted git repository.

lizhanhui pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/rocketmq.git


The following commit(s) were added to refs/heads/develop by this push:
     new c11ed78ee [ISSUE #4955] validate userProperties contain control 
character or not (#4956)
c11ed78ee is described below

commit c11ed78eeb73c23da4cf9a36a6bad493a1279210
Author: lk <[email protected]>
AuthorDate: Thu Sep 1 09:41:28 2022 +0800

    [ISSUE #4955] validate userProperties contain control character or not 
(#4956)
---
 .../grpc/v2/producer/SendMessageActivity.java      |  6 +++
 .../grpc/v2/producer/SendMessageActivityTest.java  | 58 ++++++++++++++++++++++
 2 files changed, 64 insertions(+)

diff --git 
a/proxy/src/main/java/org/apache/rocketmq/proxy/grpc/v2/producer/SendMessageActivity.java
 
b/proxy/src/main/java/org/apache/rocketmq/proxy/grpc/v2/producer/SendMessageActivity.java
index e2d99f51a..6146c80cd 100644
--- 
a/proxy/src/main/java/org/apache/rocketmq/proxy/grpc/v2/producer/SendMessageActivity.java
+++ 
b/proxy/src/main/java/org/apache/rocketmq/proxy/grpc/v2/producer/SendMessageActivity.java
@@ -204,6 +204,12 @@ public class SendMessageActivity extends 
AbstractMessingActivity {
             if 
(MessageConst.STRING_HASH_SET.contains(userPropertiesEntry.getKey())) {
                 throw new 
GrpcProxyException(Code.ILLEGAL_MESSAGE_PROPERTY_KEY, "property is used by 
system: " + userPropertiesEntry.getKey());
             }
+            if 
(GrpcValidator.getInstance().containControlCharacter(userPropertiesEntry.getKey()))
 {
+                throw new 
GrpcProxyException(Code.ILLEGAL_MESSAGE_PROPERTY_KEY, "the key of property 
cannot contain control character");
+            }
+            if 
(GrpcValidator.getInstance().containControlCharacter(userPropertiesEntry.getValue()))
 {
+                throw new 
GrpcProxyException(Code.ILLEGAL_MESSAGE_PROPERTY_KEY, "the value of property 
cannot contain control character");
+            }
             userPropertySize += 
userPropertiesEntry.getKey().getBytes(StandardCharsets.UTF_8).length;
             userPropertySize += 
userPropertiesEntry.getValue().getBytes(StandardCharsets.UTF_8).length;
         }
diff --git 
a/proxy/src/test/java/org/apache/rocketmq/proxy/grpc/v2/producer/SendMessageActivityTest.java
 
b/proxy/src/test/java/org/apache/rocketmq/proxy/grpc/v2/producer/SendMessageActivityTest.java
index 117156b65..f6320454a 100644
--- 
a/proxy/src/test/java/org/apache/rocketmq/proxy/grpc/v2/producer/SendMessageActivityTest.java
+++ 
b/proxy/src/test/java/org/apache/rocketmq/proxy/grpc/v2/producer/SendMessageActivityTest.java
@@ -696,6 +696,64 @@ public class SendMessageActivityTest extends 
BaseActivityTest {
             }
         });
 
+        // set the key of user property with control character
+        assertThrows(GrpcProxyException.class, () -> {
+            try {
+                this.sendMessageActivity.sendMessage(
+                    createContext(),
+                    SendMessageRequest.newBuilder()
+                        .addMessages(Message.newBuilder()
+                            .setTopic(Resource.newBuilder()
+                                .setName(TOPIC)
+                                .build())
+                            .setSystemProperties(SystemProperties.newBuilder()
+                                .setMessageId("msgId")
+                                .setQueueId(0)
+                                .setMessageType(MessageType.NORMAL)
+                                
.setBornTimestamp(Timestamps.fromMillis(System.currentTimeMillis()))
+                                
.setBornHost(StringUtils.defaultString(RemotingUtil.getLocalAddress(), 
"127.0.0.1:1234"))
+                                .build())
+                            .putUserProperties("\u0000", "hello")
+                            .setBody(ByteString.copyFrom(new byte[3]))
+                            .build())
+                        .build()
+                ).get();
+            } catch (ExecutionException t) {
+                GrpcProxyException e = (GrpcProxyException) t.getCause();
+                assertEquals(Code.ILLEGAL_MESSAGE_PROPERTY_KEY, e.getCode());
+                throw e;
+            }
+        });
+
+        // set the value of user property with control character
+        assertThrows(GrpcProxyException.class, () -> {
+            try {
+                this.sendMessageActivity.sendMessage(
+                    createContext(),
+                    SendMessageRequest.newBuilder()
+                        .addMessages(Message.newBuilder()
+                            .setTopic(Resource.newBuilder()
+                                .setName(TOPIC)
+                                .build())
+                            .setSystemProperties(SystemProperties.newBuilder()
+                                .setMessageId("msgId")
+                                .setQueueId(0)
+                                .setMessageType(MessageType.NORMAL)
+                                
.setBornTimestamp(Timestamps.fromMillis(System.currentTimeMillis()))
+                                
.setBornHost(StringUtils.defaultString(RemotingUtil.getLocalAddress(), 
"127.0.0.1:1234"))
+                                .build())
+                            .putUserProperties("p", "\u0000")
+                            .setBody(ByteString.copyFrom(new byte[3]))
+                            .build())
+                        .build()
+                ).get();
+            } catch (ExecutionException t) {
+                GrpcProxyException e = (GrpcProxyException) t.getCause();
+                assertEquals(Code.ILLEGAL_MESSAGE_PROPERTY_KEY, e.getCode());
+                throw e;
+            }
+        });
+
         // empty message id
         assertThrows(GrpcProxyException.class, () -> {
             try {

Reply via email to