Limit/validate string lengths for various identifiers to prevent DoS from large objects Change-Id: Ib7c34ddf8bd161efdf8d00a50f3378f9b7366188

commit: 0d89ea342a8234e12d7c3cf73bd3ad64dd4a19ba [log] [tgz]
author: Jordan Halterman <jordan@onlab.us> Tue Jun 13 10:42:36 2017 -0700
committer: Ray Milkey <ray@onlab.us> Fri Jun 16 21:45:12 2017 +0000
tree: 9b81321f80a417af39e005a9d589121e515fc95b
parent: c939037f350fd1570f184670682eb50f40f7cb0c [diff] [blame]
diff --git a/core/api/src/main/java/org/onosproject/net/domain/DomainId.java b/core/api/src/main/java/org/onosproject/net/domain/DomainId.java
index 6c67009..ef5e94f 100644
--- a/core/api/src/main/java/org/onosproject/net/domain/DomainId.java
+++ b/core/api/src/main/java/org/onosproject/net/domain/DomainId.java

@@ -18,11 +18,16 @@
 
 import org.onlab.util.Identifier;
 
+import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Preconditions.checkNotNull;
+
 /**
  * Representation of a domain identity.
  */
 public class DomainId extends Identifier<String> {
 
+    private static final int DOMAIN_ID_MAX_LENGTH = 1024;
+
     /**
      * Represents the domain directly managed by ONOS.
      */
@@ -44,6 +49,9 @@
      * @return instance of the class DomainId
      */
     public static DomainId domainId(String identifier) {
+        checkNotNull(identifier, "identifier cannot be null");
+        checkArgument(identifier.length() <= DOMAIN_ID_MAX_LENGTH,
+                "identifier exceeds maximum length " + DOMAIN_ID_MAX_LENGTH);
         return new DomainId(identifier);
     }
 }
commit	0d89ea342a8234e12d7c3cf73bd3ad64dd4a19ba	[log] [tgz]
author	Jordan Halterman <jordan@onlab.us>	Tue Jun 13 10:42:36 2017 -0700
committer	Ray Milkey <ray@onlab.us>	Fri Jun 16 21:45:12 2017 +0000
tree	9b81321f80a417af39e005a9d589121e515fc95b
parent	c939037f350fd1570f184670682eb50f40f7cb0c [diff] [blame]