Allow a maximum length to be specified when reading strings or byte

arrays, check it before allocating the buffer, and always specify the maximum length when reading untrusted data - otherwise CountingConsumer will reject the packet, but not before we've tried to allocate a buffer of the specified size (up to 2 GB).
2026-02-16 20:59:54 +01:00 · 2011-08-03 19:29:30 +01:00
parent 5fd87647f8
commit c90a18278b
13 changed files with 73 additions and 31 deletions
--- a/api/net/sf/briar/api/protocol/Author.java
+++ b/api/net/sf/briar/api/protocol/Author.java
@@ -2,11 +2,24 @@ package net.sf.briar.api.protocol;

 import net.sf.briar.api.serial.Writable;

+/** A pseudonymous author of messages. */
 public interface Author extends Writable {

+	/** The maximum length of an author's name, in UTF-8 bytes. */
+	static final int MAX_NAME_LENGTH = 50;
+
+	/** The maximum length of an author's public key, in bytes. */
+	static final int MAX_PUBLIC_KEY_LENGTH = 1000;
+
+	/** Returns the author's unique identifier. */
 	AuthorId getId();

+	/** Returns the author's name. */
 	String getName();

+	/**
+	 * Returns the public key that is used to verify messages signed by the
+	 * author.
+	 */
 	byte[] getPublicKey();
 }
--- a/api/net/sf/briar/api/protocol/Group.java
+++ b/api/net/sf/briar/api/protocol/Group.java
@@ -5,6 +5,12 @@ import net.sf.briar.api.serial.Writable;
 /** A group to which users may subscribe. */
 public interface Group extends Writable {

+	/** The maximum length of a group's name, in UTF-8 bytes. */
+	static final int MAX_NAME_LENGTH = 50;
+
+	/** The maximum length of a group's public key, in bytes. */
+	static final int MAX_PUBLIC_KEY_LENGTH = 1000;
+
 	/** Returns the group's unique identifier. */
 	GroupId getId();

--- a/api/net/sf/briar/api/protocol/Message.java
+++ b/api/net/sf/briar/api/protocol/Message.java
@@ -2,8 +2,12 @@ package net.sf.briar.api.protocol;

 public interface Message {

+	/** The maximum size of a serialised message, in bytes. */
 	static final int MAX_SIZE = (1024 * 1024) - 200;

+	/** The maximum size of a signature, in bytes. */
+	static final int MAX_SIGNATURE_SIZE = 100;
+
 	/** Returns the message's unique identifier. */
 	MessageId getId();

--- a/api/net/sf/briar/api/serial/Reader.java
+++ b/api/net/sf/briar/api/serial/Reader.java
@@ -38,8 +38,11 @@ public interface Reader {

 	boolean hasString() throws IOException;
 	String readString() throws IOException;
+	String readString(int maxLength) throws IOException;
+
 	boolean hasBytes() throws IOException;
 	byte[] readBytes() throws IOException;
+	byte[] readBytes(int maxLength) throws IOException;

 	boolean hasList() throws IOException;
 	List<Object> readList() throws IOException;