Projects
Mega:23.03
netty
_service:tar_scm:CVE-2021-21295-pre1.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:CVE-2021-21295-pre1.patch of Package netty
From bcb62be62bd989c0292e0f8e22a51127907cefdc Mon Sep 17 00:00:00 2001 From: Bennett Lynch <bennett.lynch@gmail.com> Date: Thu, 11 Jun 2020 22:39:10 -0700 Subject: [PATCH] Consolidate HttpObjectDecoder default values into constants (#10344) Motivation HttpObjectDecoder and its associated classes make frequent use of default values for maxInitialLineLength, maxHeaderSize, maxChunkSize, etc. Today, these defaults are defined in-line in constructors and duplicated across many classes. This repetition is more prone to error and inconsistencies. Furthermore, due to the current lack of builder support, if a user wants to change just one of these values (e.g., maxHeaderSize), they are also required to know and repeat the other default values (e.g., maxInitialLineLength and maxChunkSize). The primary motivation for this change is as we are considering adding another constructor parameter (for multiple content length behavior), appending this parameter may require some users to have prior knowledge of the default initialBufferSize, and it would be cleaner to allow them to reference the default constant. Modifications * Consolidate the HttpObjectDecoder default values into public constants * Reference these constants where possible Result No functional change. Additional telescoping constructors will be easier and safer to write. Users may have an easier experience changing single parameters. --- .../netty/handler/codec/http/HttpClientCodec.java | 6 +++++- .../handler/codec/http/HttpObjectDecoder.java | 15 ++++++++++++--- .../handler/codec/http/HttpRequestDecoder.java | 7 ++++--- .../handler/codec/http/HttpResponseDecoder.java | 7 ++++--- .../netty/handler/codec/http/HttpServerCodec.java | 6 +++++- .../io/netty/handler/codec/rtsp/RtspDecoder.java | 10 ---------- .../handler/codec/rtsp/RtspObjectDecoder.java | 4 +++- 7 files changed, 33 insertions(+), 22 deletions(-) diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpClientCodec.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpClientCodec.java index da4c440466..a832bfdff3 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpClientCodec.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpClientCodec.java @@ -28,6 +28,10 @@ import java.util.List; import java.util.Queue; import java.util.concurrent.atomic.AtomicLong; +import static io.netty.handler.codec.http.HttpObjectDecoder.DEFAULT_MAX_CHUNK_SIZE; +import static io.netty.handler.codec.http.HttpObjectDecoder.DEFAULT_MAX_HEADER_SIZE; +import static io.netty.handler.codec.http.HttpObjectDecoder.DEFAULT_MAX_INITIAL_LINE_LENGTH; + /** * A combination of {@link HttpRequestEncoder} and {@link HttpResponseDecoder} * which enables easier client side HTTP implementation. {@link HttpClientCodec} @@ -61,7 +65,7 @@ public final class HttpClientCodec extends CombinedChannelDuplexHandler<HttpResp * {@code maxChunkSize (8192)}). */ public HttpClientCodec() { - this(4096, 8192, 8192, false); + this(DEFAULT_MAX_INITIAL_LINE_LENGTH, DEFAULT_MAX_HEADER_SIZE, DEFAULT_MAX_CHUNK_SIZE, false); } /** diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java index e39ed9e48a..d4caf29c6d 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java @@ -100,6 +100,13 @@ import java.util.List; * implement all abstract methods properly. */ public abstract class HttpObjectDecoder extends ByteToMessageDecoder { + public static final int DEFAULT_MAX_INITIAL_LINE_LENGTH = 4096; + public static final int DEFAULT_MAX_HEADER_SIZE = 8192; + public static final boolean DEFAULT_CHUNKED_SUPPORTED = true; + public static final int DEFAULT_MAX_CHUNK_SIZE = 8192; + public static final boolean DEFAULT_VALIDATE_HEADERS = true; + public static final int DEFAULT_INITIAL_BUFFER_SIZE = 128; + private static final String EMPTY_VALUE = ""; private final int maxChunkSize; @@ -145,7 +152,8 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder { * {@code maxChunkSize (8192)}. */ protected HttpObjectDecoder() { - this(4096, 8192, 8192, true); + this(DEFAULT_MAX_INITIAL_LINE_LENGTH, DEFAULT_MAX_HEADER_SIZE, DEFAULT_MAX_CHUNK_SIZE, + DEFAULT_CHUNKED_SUPPORTED); } /** @@ -153,7 +161,7 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder { */ protected HttpObjectDecoder( int maxInitialLineLength, int maxHeaderSize, int maxChunkSize, boolean chunkedSupported) { - this(maxInitialLineLength, maxHeaderSize, maxChunkSize, chunkedSupported, true); + this(maxInitialLineLength, maxHeaderSize, maxChunkSize, chunkedSupported, DEFAULT_VALIDATE_HEADERS); } /** @@ -162,7 +170,8 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder { protected HttpObjectDecoder( int maxInitialLineLength, int maxHeaderSize, int maxChunkSize, boolean chunkedSupported, boolean validateHeaders) { - this(maxInitialLineLength, maxHeaderSize, maxChunkSize, chunkedSupported, validateHeaders, 128); + this(maxInitialLineLength, maxHeaderSize, maxChunkSize, chunkedSupported, validateHeaders, + DEFAULT_INITIAL_BUFFER_SIZE); } protected HttpObjectDecoder( diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpRequestDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpRequestDecoder.java index 24252c7358..70c1db5540 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpRequestDecoder.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpRequestDecoder.java @@ -67,18 +67,19 @@ public class HttpRequestDecoder extends HttpObjectDecoder { */ public HttpRequestDecoder( int maxInitialLineLength, int maxHeaderSize, int maxChunkSize) { - super(maxInitialLineLength, maxHeaderSize, maxChunkSize, true); + super(maxInitialLineLength, maxHeaderSize, maxChunkSize, DEFAULT_CHUNKED_SUPPORTED); } public HttpRequestDecoder( int maxInitialLineLength, int maxHeaderSize, int maxChunkSize, boolean validateHeaders) { - super(maxInitialLineLength, maxHeaderSize, maxChunkSize, true, validateHeaders); + super(maxInitialLineLength, maxHeaderSize, maxChunkSize, DEFAULT_CHUNKED_SUPPORTED, validateHeaders); } public HttpRequestDecoder( int maxInitialLineLength, int maxHeaderSize, int maxChunkSize, boolean validateHeaders, int initialBufferSize) { - super(maxInitialLineLength, maxHeaderSize, maxChunkSize, true, validateHeaders, initialBufferSize); + super(maxInitialLineLength, maxHeaderSize, maxChunkSize, DEFAULT_CHUNKED_SUPPORTED, validateHeaders, + initialBufferSize); } @Override diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpResponseDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpResponseDecoder.java index c6351c47bf..39d4d6a5ad 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpResponseDecoder.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpResponseDecoder.java @@ -98,18 +98,19 @@ public class HttpResponseDecoder extends HttpObjectDecoder { */ public HttpResponseDecoder( int maxInitialLineLength, int maxHeaderSize, int maxChunkSize) { - super(maxInitialLineLength, maxHeaderSize, maxChunkSize, true); + super(maxInitialLineLength, maxHeaderSize, maxChunkSize, DEFAULT_CHUNKED_SUPPORTED); } public HttpResponseDecoder( int maxInitialLineLength, int maxHeaderSize, int maxChunkSize, boolean validateHeaders) { - super(maxInitialLineLength, maxHeaderSize, maxChunkSize, true, validateHeaders); + super(maxInitialLineLength, maxHeaderSize, maxChunkSize, DEFAULT_CHUNKED_SUPPORTED, validateHeaders); } public HttpResponseDecoder( int maxInitialLineLength, int maxHeaderSize, int maxChunkSize, boolean validateHeaders, int initialBufferSize) { - super(maxInitialLineLength, maxHeaderSize, maxChunkSize, true, validateHeaders, initialBufferSize); + super(maxInitialLineLength, maxHeaderSize, maxChunkSize, DEFAULT_CHUNKED_SUPPORTED, validateHeaders, + initialBufferSize); } @Override diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpServerCodec.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpServerCodec.java index a009df1145..8ae6295cf7 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpServerCodec.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpServerCodec.java @@ -23,6 +23,10 @@ import java.util.ArrayDeque; import java.util.List; import java.util.Queue; +import static io.netty.handler.codec.http.HttpObjectDecoder.DEFAULT_MAX_CHUNK_SIZE; +import static io.netty.handler.codec.http.HttpObjectDecoder.DEFAULT_MAX_HEADER_SIZE; +import static io.netty.handler.codec.http.HttpObjectDecoder.DEFAULT_MAX_INITIAL_LINE_LENGTH; + /** * A combination of {@link HttpRequestDecoder} and {@link HttpResponseEncoder} * which enables easier server side HTTP implementation. @@ -41,7 +45,7 @@ public final class HttpServerCodec extends CombinedChannelDuplexHandler<HttpRequ * {@code maxChunkSize (8192)}). */ public HttpServerCodec() { - this(4096, 8192, 8192); + this(DEFAULT_MAX_INITIAL_LINE_LENGTH, DEFAULT_MAX_HEADER_SIZE, DEFAULT_MAX_CHUNK_SIZE); } /** diff --git a/codec-http/src/main/java/io/netty/handler/codec/rtsp/RtspDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/rtsp/RtspDecoder.java index acc028978f..b2a353d298 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/rtsp/RtspDecoder.java +++ b/codec-http/src/main/java/io/netty/handler/codec/rtsp/RtspDecoder.java @@ -71,16 +71,6 @@ public class RtspDecoder extends HttpObjectDecoder { */ private static final Pattern versionPattern = Pattern.compile("RTSP/\\d\\.\\d"); - /** - * Constant for default max initial line length. - */ - public static final int DEFAULT_MAX_INITIAL_LINE_LENGTH = 4096; - - /** - * Constant for default max header size. - */ - public static final int DEFAULT_MAX_HEADER_SIZE = 8192; - /** * Constant for default max content length. */ diff --git a/codec-http/src/main/java/io/netty/handler/codec/rtsp/RtspObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/rtsp/RtspObjectDecoder.java index e52c0ce51e..69b8ebb1f0 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/rtsp/RtspObjectDecoder.java +++ b/codec-http/src/main/java/io/netty/handler/codec/rtsp/RtspObjectDecoder.java @@ -20,6 +20,8 @@ import io.netty.handler.codec.TooLongFrameException; import io.netty.handler.codec.http.HttpMessage; import io.netty.handler.codec.http.HttpObjectDecoder; +import static io.netty.handler.codec.rtsp.RtspDecoder.DEFAULT_MAX_CONTENT_LENGTH; + /** * Decodes {@link ByteBuf}s into RTSP messages represented in * {@link HttpMessage}s. @@ -59,7 +61,7 @@ public abstract class RtspObjectDecoder extends HttpObjectDecoder { * {@code maxContentLength (8192)}. */ protected RtspObjectDecoder() { - this(4096, 8192, 8192); + this(DEFAULT_MAX_INITIAL_LINE_LENGTH, DEFAULT_MAX_HEADER_SIZE, DEFAULT_MAX_CONTENT_LENGTH); } /** -- 2.23.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2