commit 2a65575cf89829aca8dc4684dcf3669d630366a0
author Jonathan Hart <jono@onlab.us> Tue Apr 07 16:46:33 2015 -0700
committer Gerrit Code Review <gerrit@onlab.us> Mon Jun 29 16:31:11 2015 +0000
tree ec89e0607a078d1a5e02b645dbae4d77bd2e3076
parent 08e457ab8ba31e4f91f936d28ce0fa8b91ce94ef

Improve the resiliency of the packet deserialization code.

Packet deserializers now check for malformed input while reading the byte
stream. Deserializers are re-implemented as functions that take a byte array
and return a packet object. The old IPacket.deserialize(...) methods have been
deprecated with the goal of eventually moving to immutable packet objects.
Unit tests have been implemented for all Deserializer functions.

ONOS-1589

Change-Id: I9073d5e6e7991e15d43830cfd810989256b71c56

utils/misc/src/main/java/org/onlab/packet/LLDPOrganizationalTLV.java

diff --git a/utils/misc/src/main/java/org/onlab/packet/LLDPOrganizationalTLV.java b/utils/misc/src/main/java/org/onlab/packet/LLDPOrganizationalTLV.java
index 497e0ad..bedf439 100644
--- a/utils/misc/src/main/java/org/onlab/packet/LLDPOrganizationalTLV.java
+++ b/utils/misc/src/main/java/org/onlab/packet/LLDPOrganizationalTLV.java
@@ -154,10 +154,15 @@
     }
 
     @Override
-    public LLDPTLV deserialize(final ByteBuffer bb) {
-        LLDPTLV tlv = super.deserialize(bb);
-        if (tlv.getType() != LLDPOrganizationalTLV.ORGANIZATIONAL_TLV_TYPE) {
-            return tlv;
+    public LLDPTLV deserialize(final ByteBuffer bb) throws DeserializationException {
+        super.deserialize(bb);
+        if (this.getType() != LLDPOrganizationalTLV.ORGANIZATIONAL_TLV_TYPE) {
+            return this;
+        }
+
+        if (this.getLength() <= OUI_LENGTH + SUBTYPE_LENGTH) {
+            throw new DeserializationException(
+                    "TLV length is less than required for organizational TLV");
         }
 
         final ByteBuffer optionalField = ByteBuffer.wrap(this.value);