Skip to content

Commit

Permalink
FIX unused trailing bytes in ASN.1 SEQUENCE (#296)
Browse files Browse the repository at this point in the history
  • Loading branch information
@vharseko
vharseko authored Aug 29, 2023
1 parent 6b554bb commit 13fed9d
Show file tree
Hide file tree
Showing 6 changed files with 27 additions and 28 deletions.
24 changes: 6 additions & 18 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,27 +41,15 @@ jobs:
path: ~/.m2/repository
key: ${{ runner.os }}-m2-repository-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2-repository
- name: Build with Maven
env:
MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10
run: mvn --batch-mode --errors --update-snapshots package --file pom.xml
- name: IT test
id: failsafe
- name: Set Integration Test Environment
id: maven-profile-flag
if: runner.os != 'Windows'
timeout-minutes: 120
run: |
echo "MAVEN_PROFILE_FLAG=-P precommit" >> $GITHUB_OUTPUT
- name: Build with Maven
env:
MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10
run: |
cat /etc/hosts
mvn --batch-mode --errors verify --file opendj-server-legacy/pom.xml -P precommit
- name: Upload IT test failiure opendj-server-legacy/target
uses: actions/upload-artifact@v3
if: failure()
with:
name: failsafe-${{ matrix.os }}-${{ matrix.java }}
retention-days: 5
path: |
opendj-server-legacy/target/
run: mvn --batch-mode --errors --update-snapshots verify --file pom.xml ${{ steps.maven-profile-flag.outputs.MAVEN_PROFILE_FLAG }}
- name: Test on Unix
if: runner.os != 'Windows'
run: |
Expand Down
21 changes: 16 additions & 5 deletions opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/ASN1BufferReader.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,13 @@
/** Grizzly ASN1 reader implementation. */
final class ASN1BufferReader extends AbstractASN1Reader {
private final class ChildSequenceLimiter implements SequenceLimiter {
private SequenceLimiter parent;
@Override
public String toString() {
return "ChildSequenceLimiter [parent=" + parent + ", child=" + child + ", readLimit=" + readLimit
+ ", bytesRead=" + bytesRead + ", remaining()=" + remaining() + "]";
}

private SequenceLimiter parent;
private ChildSequenceLimiter child;
private int readLimit;
private int bytesRead;
Expand All @@ -55,7 +61,7 @@ public SequenceLimiter endSequence() throws IOException {
parent.checkLimit(remaining());
if (remaining() > 0) {
logger.debug(LocalizableMessage.raw(
"Ignoring %d unused trailing bytes in ASN.1 SEQUENCE", remaining()));
"Ignoring %d unused trailing bytes in ASN.1 SEQUENCE: %s", remaining(),toString()));
}
for (int i = 0; i < remaining(); i++) {
buffer.get();
Expand All @@ -81,11 +87,16 @@ public ChildSequenceLimiter startSequence(final int readLimit) {
}

private final class RootSequenceLimiter implements SequenceLimiter {
private ChildSequenceLimiter child;
@Override
public String toString() {
return "RootSequenceLimiter [remaining()=" + remaining() + "]";
}

private ChildSequenceLimiter child;

@Override
public void checkLimit(final int readSize) throws IOException {
if (buffer.remaining() < readSize) {
if ( remaining() < readSize) {
final LocalizableMessage message = ERR_ASN1_TRUNCATED_LENGTH_BYTE.get();
throw DecodeException.fatalError(message);
}
Expand All @@ -99,7 +110,7 @@ public ChildSequenceLimiter endSequence() throws DecodeException {

@Override
public int remaining() {
return buffer.remaining();
return buffer.hasRemaining() ? buffer.remaining() : 0;
}

@Override
Expand Down
2 changes: 1 addition & 1 deletion opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/DefaultTCPNIOTransport.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,7 @@ protected TCPNIOTransport newInstance() {
// Enabled by default.
builder.setReuseAddress(Boolean.parseBoolean(reuseAddressStr));
}
//builder.setMemoryManager(new PooledMemoryManager(true));
builder.setMemoryManager(new PooledMemoryManager(true));


final TCPNIOTransport transport = builder.build();
Expand Down
2 changes: 1 addition & 1 deletion opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/LDAPClientFilter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -429,7 +429,7 @@ public final NextAction handleRead(final FilterChainContext ctx) throws IOExcept
return ctx.getStopAction(buffer.duplicate());
}
final int length = reader.peekLength();
final Buffer remainder = buffer.remaining() > length ? buffer.split(buffer.position() + length) : null;
final Buffer remainder = (buffer.hasRemaining() && buffer.remaining() > length) ? buffer.split(buffer.position() + length) : null;
buffer.reset();
try (final ASN1BufferReader packetReader =
new ASN1BufferReader(maxASN1ElementSize, buffer.asReadOnlyBuffer())) {
Expand Down
2 changes: 1 addition & 1 deletion opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/ServerTCPNIOTransport.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ protected TCPNIOTransport newInstance() {
builder.setReuseAddress(Boolean.parseBoolean(reuseAddressStr));
}
// Force usage of PooledMemoryManager which allows to use grizzly's buffers across threads.
//builder.setMemoryManager(new PooledMemoryManager(true));
builder.setMemoryManager(new PooledMemoryManager(true));

final TCPNIOTransport transport = builder.build();

Expand Down
4 changes: 2 additions & 2 deletions opendj-ldap-toolkit/src/test/java/com/forgerock/opendj/ldap/tools/AuthRateITCase.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ public Object[][] authRateArgs() throws Exception {
args("-h", TestCaseUtils.getServerSocketAddress().getHostName(),
"-p", Integer.toString(TestCaseUtils.getServerSocketAddress().getPort()),
"-g", "rand(0,1000)", "-D", "uid=%d,ou=people,o=test", "-w", "password",
"-i", "1", "-c", "1", "-m", "10", "-f", "-S", "-B", "0"),
"-i", "1", "-c", "1", "-m", "1000", "-f", "-S", "-B", "0"),
THROUGHPUT_TEXT, "" },
};
}
Expand All @@ -74,7 +74,7 @@ public void testITAuthRate(String[] arguments, Object expectedOut, Object expect
//Skip header line
for (int i = 1; i < authRateResLines.length; i++) {
String[] authRateLineData = authRateResLines[i].split(",");
assertThat(authRateLineData[authRateLineData.length - 1].trim()).isEqualTo("0.0");
assertThat(authRateLineData[authRateLineData.length - 1].trim()).as(outContent).isEqualTo("0.0");
}
}
}
Expand Down

0 comments on commit 13fed9d

Please sign in to comment.