Author: robert
Date: 2008-02-01 19:25:56 +0000 (Fri, 01 Feb 2008)
New Revision: 17464

Modified:
   trunk/freenet/src/freenet/support/BitArray.java
   trunk/freenet/src/freenet/support/Serializer.java
Log:
prevent arbitrary sizes when allocating BitArrays from the wire


Modified: trunk/freenet/src/freenet/support/BitArray.java
===================================================================
--- trunk/freenet/src/freenet/support/BitArray.java     2008-02-01 19:23:44 UTC 
(rev 17463)
+++ trunk/freenet/src/freenet/support/BitArray.java     2008-02-01 19:25:56 UTC 
(rev 17464)
@@ -30,11 +30,22 @@
        private final int _size;
        private final byte[] _bits;

+       /**
+        * This constructor does not check for unacceptable sizes, and should 
only be used on trusted data.
+        */
        public BitArray(DataInputStream dis) throws IOException {
                _size = dis.readInt();
                _bits = new byte[(_size / 8) + (_size % 8 == 0 ? 0 : 1)];
                dis.readFully(_bits);
        }
+       
+       public BitArray(DataInputStream dis, int maxSize) throws IOException {
+               _size = dis.readInt();
+               if (_size<=0 || _size>maxSize)
+                       throw new IOException("Unacceptable bitarray size: 
"+_size);
+               _bits = new byte[(_size / 8) + (_size % 8 == 0 ? 0 : 1)];
+               dis.readFully(_bits);
+       }

        public BitArray(int size) {
                _size = size;
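Review bot: The new `BitArray(DataInputStream dis, int maxSize)` constructor has no Javadoc, and its contract is not obvious from the signature: `maxSize` is compared against `_size`, which is a bit count (the byte array is `_size / 8` rounded up), and a size of 0 is rejected along with negative values. I would document it with something like `/** Reads a BitArray from untrusted input; throws IOException unless 0 < size <= maxSize, both counted in bits. */`. If the writing side can emit an empty BitArray (not visible in this hunk), the check should be `_size<0` rather than `_size<=0`, otherwise a legitimate message now fails to parse. The unchecked constructor stays public and is guarded only by its comment, so the bound holds only for call sites that were switched over; the only one visible in this commit is in Serializer, and any other callers reading wire data should be checked.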

Modified: trunk/freenet/src/freenet/support/Serializer.java
===================================================================
--- trunk/freenet/src/freenet/support/Serializer.java   2008-02-01 19:23:44 UTC 
(rev 17463)
+++ trunk/freenet/src/freenet/support/Serializer.java   2008-02-01 19:25:56 UTC 
(rev 17464)
@@ -42,6 +42,7 @@
 public class Serializer {

     public static final String VERSION = "$Id: Serializer.java,v 1.5 
2005/09/15 18:16:04 amphibian Exp $";
+       public static final int MAX_BITARRAY_SIZE = 128;

        public static List readListFromDataInputStream(Class elementType, 
DataInputStream dis) throws IOException {
                LinkedList ret = new LinkedList();
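Review bot: `MAX_BITARRAY_SIZE` is added without a comment, and the name does not say what the unit is. From the BitArray change in this commit, the value is compared against the bit count read from the stream, so 128 means 128 bits (16 bytes), not 128 bytes. A one-line comment would prevent a later maintainer from raising it under the wrong assumption, for example `/** Largest BitArray, in bits, accepted when deserializing from the wire. */`. The new line is also indented with a tab while the neighbouring `VERSION` line uses spaces.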
@@ -89,7 +90,7 @@
                } else if (type.equals(Peer.class)) {
                        return new Peer(dis);
                } else if (type.equals(BitArray.class)) {
-                       return new BitArray(dis);
+                       return new BitArray(dis, MAX_BITARRAY_SIZE);
                } else if (type.equals(NodeCHK.class)) {
                        // Use Key.read(...) because write(...) writes the TYPE 
field.
                        return Key.read(dis);

