Author: markt
Date: Tue Jul 2 08:26:28 2013
New Revision: 1498827
URL: http://svn.apache.org/r1498827
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55181
Protect against clients that ignore the limit of the byte buffer
Added:
tomcat/trunk/test/org/apache/tomcat/websocket/TestWsPingPongMessages.java
(with props)
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/WsPongMessage.java
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsPongMessage.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsPongMessage.java?rev=1498827&r1=1498826&r2=1498827&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/websocket/WsPongMessage.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/WsPongMessage.java Tue Jul 2
08:26:28 2013
@@ -26,7 +26,9 @@ public class WsPongMessage implements Po
public WsPongMessage(ByteBuffer applicationData) {
- this.applicationData = applicationData;
+ byte[] dst = new byte[applicationData.limit()];
+ applicationData.get(dst);
+ this.applicationData = ByteBuffer.wrap(dst);
}
Added: tomcat/trunk/test/org/apache/tomcat/websocket/TestWsPingPongMessages.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/websocket/TestWsPingPongMessages.java?rev=1498827&view=auto
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/websocket/TestWsPingPongMessages.java
(added)
+++ tomcat/trunk/test/org/apache/tomcat/websocket/TestWsPingPongMessages.java
Tue Jul 2 08:26:28 2013
@@ -0,0 +1,100 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.websocket;
+
+import java.net.URI;
+import java.nio.ByteBuffer;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+
+import javax.websocket.ClientEndpointConfig;
+import javax.websocket.ContainerProvider;
+import javax.websocket.PongMessage;
+import javax.websocket.Session;
+import javax.websocket.WebSocketContainer;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.deploy.ApplicationListener;
+import org.apache.catalina.servlets.DefaultServlet;
+import org.apache.catalina.startup.Tomcat;
+import org.apache.catalina.startup.TomcatBaseTest;
+import org.apache.tomcat.websocket.TesterSingleMessageClient.TesterEndpoint;
+import
org.apache.tomcat.websocket.TesterSingleMessageClient.TesterProgrammaticEndpoint;
+
+
+public class TestWsPingPongMessages extends TomcatBaseTest {
+
+ ByteBuffer applicationData = ByteBuffer.wrap(new String("mydata")
+ .getBytes());
+
+ @Test
+ public void testPingPongMessages() throws Exception {
+ Tomcat tomcat = getTomcatInstance();
+ // Must have a real docBase - just use temp
+ Context ctx = tomcat.addContext("",
+ System.getProperty("java.io.tmpdir"));
+ ctx.addApplicationListener(new ApplicationListener(
+ TesterEchoServer.Config.class.getName(), false));
+
+ Tomcat.addServlet(ctx, "default", new DefaultServlet());
+ ctx.addServletMapping("/", "default");
+
+ tomcat.start();
+
+ WebSocketContainer wsContainer = ContainerProvider
+ .getWebSocketContainer();
+
+ tomcat.start();
+
+ Session wsSession = wsContainer.connectToServer(
+ TesterProgrammaticEndpoint.class, ClientEndpointConfig.Builder
+ .create().build(), new URI("ws://localhost:"
+ + getPort() + TesterEchoServer.Config.PATH_ASYNC));
+
+ CountDownLatch latch = new CountDownLatch(1);
+ TesterEndpoint tep = (TesterEndpoint) wsSession.getUserProperties()
+ .get("endpoint");
+ tep.setLatch(latch);
+
+ PongMessageHandler handler = new PongMessageHandler(latch);
+ wsSession.addMessageHandler(handler);
+ wsSession.getBasicRemote().sendPing(applicationData);
+
+ boolean latchResult = handler.getLatch().await(10, TimeUnit.SECONDS);
+ Assert.assertTrue(latchResult);
+ Assert.assertArrayEquals(applicationData.array(),
+ (handler.getMessages().get(0)).getApplicationData().array());
+ }
+
+ public static class PongMessageHandler extends
+ TesterSingleMessageClient.BasicHandler<PongMessage> {
+ public PongMessageHandler(CountDownLatch latch) {
+ super(latch);
+ }
+
+ @Override
+ public void onMessage(PongMessage message) {
+ getMessages().add(message);
+ if (getLatch() != null) {
+ getLatch().countDown();
+ }
+ }
+ }
+}
\ No newline at end of file
Propchange:
tomcat/trunk/test/org/apache/tomcat/websocket/TestWsPingPongMessages.java
------------------------------------------------------------------------------
svn:eol-style = native
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
