[
https://issues.apache.org/jira/browse/HDDS-13943?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Attila Doroszlai updated HDDS-13943:
------------------------------------
Priority: Minor (was: Major)
> Add input validation for protocol format in DirstreamClientHandler to prevent
> ArrayIndexOutOfBoundsException
> ------------------------------------------------------------------------------------------------------------
>
> Key: HDDS-13943
> URL: https://issues.apache.org/jira/browse/HDDS-13943
> Project: Apache Ozone
> Issue Type: Improvement
> Reporter: Huang Guan Hao
> Assignee: Huang Guan Hao
> Priority: Minor
> Labels: pull-request-available
> Fix For: 2.2.0
>
>
> The `DirstreamClientHandler` directly accesses `parts[1]` after splitting
> `currentFileName` without validating the split result length. While the
> server-side protocol guarantees the format `SIZE FILENAME` (with space), the
> client should validate input to handle network errors, protocol version
> mismatches, malicious input, or implementation errors.
> Currently, if the format is incorrect (e.g., no space), `split(" ", 2)`
> returns an array of length 1, and accessing `parts[1]` throws
> `ArrayIndexOutOfBoundsException`, which is not a user-friendly error.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
