zhouyanming created WW-4620:
-------------------------------
Summary: ParametersInterceptor should check collection index to guard
against DoS
Key: WW-4620
URL: https://issues.apache.org/jira/browse/WW-4620
Project: Struts 2
Issue Type: Improvement
Components: Core Interceptors
Reporter: zhouyanming
Priority: Critical
https://dzone.com/articles/spring-initbinder-for-handling-large-list-of-java
This is my workaround:
{code:java}
import org.apache.commons.lang3.StringUtils;
import com.opensymphony.xwork2.interceptor.ParametersInterceptor;
import com.opensymphony.xwork2.util.logging.Logger;
import com.opensymphony.xwork2.util.logging.LoggerFactory;
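public class ParamsInterceptor extends ParametersInterceptor {
    private static final Logger LOG = LoggerFactory.getLogger(ParametersInterceptor.class);

    /**
     * Highest collection index tolerated in a parameter name such as
     * {@code items[N].field}. Any bracketed numeric index above this value
     * causes the whole parameter name to be rejected.
     */
    protected int autoGrowCollectionLimit = 255;

    /**
     * Sets the highest collection index accepted in a parameter name.
     *
     * @param autoGrowCollectionLimit the largest index that is still accepted
     */
    public void setAutoGrowCollectionLimit(int autoGrowCollectionLimit) {
        this.autoGrowCollectionLimit = autoGrowCollectionLimit;
    }

    /**
     * Accepts a parameter name only if the superclass accepts it and every
     * bracketed, digit-only index inside it is at most
     * {@link #autoGrowCollectionLimit}. Indexes that do not fit in an
     * {@code int} are treated as over the limit rather than letting
     * {@link NumberFormatException} escape.
     *
     * @param name the raw request parameter name
     * @return {@code true} if the name may be applied to the action
     */
    @Override
    protected boolean acceptableName(String name) {
        if (!super.acceptableName(name)) {
            return false;
        }
        // Scan every "[...]" group; a group at position 0 is checked too.
        int open = name.indexOf('[');
        while (open >= 0) {
            int close = name.indexOf(']', open);
            if (close < 0) {
                break;
            }
            String index = name.substring(open + 1, close);
            // isNumeric rejects "", '-' and '+', so only unsigned digit runs get here.
            if (StringUtils.isNumeric(index) && !withinLimit(index)) {
                LOG.warn("Parameter \"#0\" exceed max index: [#1]", name, autoGrowCollectionLimit);
                return false;
            }
            open = name.indexOf('[', close);
        }
        return true;
    }

    /**
     * Returns whether a digit-only index string parses to a value no larger
     * than {@link #autoGrowCollectionLimit}. A digit run too long for an
     * {@code int} would make {@code Integer.parseInt} throw; such an index is
     * certainly above any sane limit, so it is reported as out of range.
     *
     * @param index the digits between one pair of brackets
     * @return {@code true} if the index is within the configured limit
     */
    private boolean withinLimit(String index) {
        try {
            return Integer.parseInt(index) <= autoGrowCollectionLimit;
        } catch (NumberFormatException overflow) {
            return false;
        }
    }
}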
{code}