OF-476 - Made input processing of FlashCrossDomainHandler more robust: Abort...

OF-476 - Made input processing of FlashCrossDomainHandler more robust: Abort when EOF is encounterd or when more then 100 invalid CodePoints are read. git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@13537 b35dd754-fafc-0310-a699-88a17e54d16e

OF-476 - Made input processing of FlashCrossDomainHandler more robust: Abort...
OF-476 - Made input processing of FlashCrossDomainHandler more robust: Abort when EOF is encounterd or when more then 100 invalid CodePoints are read. git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@13537 b35dd754-fafc-0310-a699-88a17e54d16e
ddcff977 · Florian Schmaus · flow · b74c2b9f · ddcff977
Commit ddcff977 authored Mar 04, 2013 by Florian Schmaus Committed by flow Mar 04, 2013
Hide whitespace changes
Inline Side-by-side

Showing with 14 additions and 10 deletions

FlashCrossDomainHandler.java ...va/org/jivesoftware/openfire/FlashCrossDomainHandler.java +14 -10

No files found.
--- a/src/java/org/jivesoftware/openfire/FlashCrossDomainHandler.java
+++ b/src/java/org/jivesoftware/openfire/FlashCrossDomainHandler.java
@@ -148,28 +148,32 @@ public class FlashCrossDomainHandler extends BasicModule {
    }
    
    /**
-     * Safely read a string from the reader until a zero character or a newline is received o
-r the 200 character is reached.
-     *
+     * Safely read a string from the reader until a zero character or a newline
+     * is received, more then 100 invalid code points where read or the 200
+     * character is reached.
+     * 
     * @return the string read from the reader.
     */
    protected String read(BufferedReader in) {
        StringBuffer buffer = new StringBuffer();
        int codePoint;
-        boolean zeroByteRead = false;
-        
+        boolean stopReading = false;
+        int invalidCodePoints = 0;
+
        try {
            do {
                codePoint = in.read();

-                if (codePoint == 0 || codePoint == '\n') {
-                    zeroByteRead = true;
+                if (codePoint == 0 || codePoint == '\n' || codePoint == -1) {
+                    stopReading = true;
                }
                else if (Character.isValidCodePoint(codePoint)) {
                    buffer.appendCodePoint(codePoint);
+                } else {
+                    invalidCodePoints++;
                }
-            }
-            while (!zeroByteRead && buffer.length() < 200);
+            } while (!stopReading && buffer.length() < 200
+                    && invalidCodePoints < 100);
        }
        catch (Exception e) {
            Log.debug("Exception (read): " + e.getMessage());
@@ -177,5 +181,5 @@ r the 200 character is reached.
        
        return buffer.toString();
    }
-    
+
 }