Limit/validate string lengths for various identifiers to prevent DoS from large objects
Change-Id: Ib7c34ddf8bd161efdf8d00a50f3378f9b7366188
diff --git a/core/api/src/main/java/org/onosproject/net/region/RegionId.java b/core/api/src/main/java/org/onosproject/net/region/RegionId.java
index 903d014..03cbc9c 100644
--- a/core/api/src/main/java/org/onosproject/net/region/RegionId.java
+++ b/core/api/src/main/java/org/onosproject/net/region/RegionId.java
@@ -18,11 +18,15 @@
import org.onlab.util.Identifier;
+import static com.google.common.base.Preconditions.checkArgument;
+
/**
* Region identifier backed by a string value.
*/
public final class RegionId extends Identifier<String> {
+ private static final int REGION_MAX_LENGTH = 1024;
+
/**
* Constructor for serialization.
*/
@@ -37,6 +41,9 @@
*/
private RegionId(String value) {
super(value);
+ if (value != null) {
+ checkArgument(value.length() <= REGION_MAX_LENGTH, "value exceeds maximum length " + REGION_MAX_LENGTH);
+ }
}
/**