Limit/validate string lengths for various identifiers to prevent DoS from large objects
Change-Id: Ib7c34ddf8bd161efdf8d00a50f3378f9b7366188
diff --git a/core/api/src/main/java/org/onosproject/net/region/DefaultRegion.java b/core/api/src/main/java/org/onosproject/net/region/DefaultRegion.java
index d229e92..de1e04c 100644
--- a/core/api/src/main/java/org/onosproject/net/region/DefaultRegion.java
+++ b/core/api/src/main/java/org/onosproject/net/region/DefaultRegion.java
@@ -26,11 +26,15 @@
import java.util.Objects;
import java.util.Set;
+import static com.google.common.base.Preconditions.checkArgument;
+
/**
* Default implementation of a region.
*/
public final class DefaultRegion extends AbstractAnnotated implements Region {
+ private static final int NAME_MAX_LENGTH = 1024;
+
private final RegionId id;
private final String name;
private final Type type;
@@ -52,6 +56,9 @@
this.name = name;
this.type = type;
this.masters = masters != null ? ImmutableList.copyOf(masters) : ImmutableList.of();
+ if (name != null) {
+ checkArgument(name.length() <= NAME_MAX_LENGTH, "name exceeds maximum length " + NAME_MAX_LENGTH);
+ }
}
@Override