Add additional RPC sanity checks. Patch by: meder Review by: bobv git-svn-id: https://google-web-toolkit.googlecode.com/svn/trunk@5559 8db76d5a-ed1c-0410-87a9-c151d255dfc7
diff --git a/user/src/com/google/gwt/user/server/rpc/RPC.java b/user/src/com/google/gwt/user/server/rpc/RPC.java
index 5a6ffa7..80a2fe8 100644
--- a/user/src/com/google/gwt/user/server/rpc/RPC.java
+++ b/user/src/com/google/gwt/user/server/rpc/RPC.java
@@ -269,6 +269,9 @@
 String serviceMethodName = streamReader.readString();
 int paramCount = streamReader.readInt();
+ if (paramCount > streamReader.getNumberOfTokens()) {
+ throw new IncompatibleRemoteServiceException("Invalid number of parameters");
+ }
 Class<?>[] parameterTypes = new Class[paramCount];
 for (int i = 0; i < parameterTypes.length; i++) {
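Review bot: The new bound on `paramCount` only rejects values larger than the token count; a negative value returned by `streamReader.readInt()` passes the check and reaches `new Class[paramCount]`, which fails with a NegativeArraySizeException instead of the IncompatibleRemoteServiceException this guard was added to produce for malformed payloads. Widening it to `if (paramCount < 0 || paramCount > streamReader.getNumberOfTokens()) {` keeps the failure on the intended, controlled path. The comparison against the total token count is a loose upper bound (tokens following the parameter types are counted too), which is fine for a sanity check but deserves a comment such as `// sanity bound: a payload cannot declare more parameters than it carries tokens`. The enclosing method starts and ends outside this hunk.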
diff --git a/user/src/com/google/gwt/user/server/rpc/RemoteServiceServlet.java b/user/src/com/google/gwt/user/server/rpc/RemoteServiceServlet.java
index 92f7eaf..1c0be0a 100644
--- a/user/src/com/google/gwt/user/server/rpc/RemoteServiceServlet.java
+++ b/user/src/com/google/gwt/user/server/rpc/RemoteServiceServlet.java
@@ -177,6 +177,9 @@
 */
 public String processCall(String payload) throws SerializationException {
 try {
+ if (getPermutationStrongName() == null) {
+ throw new SecurityException("Blocked request without GWT permutation header(XSRF attack?)");
+ }
 RPCRequest rpcRequest = RPC.decodeRequest(payload, this.getClass(), this);
 onAfterRequestDeserialized(rpcRequest);
 return RPC.invokeAndEncodeResponse(this, rpcRequest.getMethod(),
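Review bot: The check at the top of the `try` tests only for the presence of the permutation strong name, not its value, so any non-null header passes; that is a reasonable same-origin signal (a cross-site form post cannot set a custom request header), but the Javadoc of `processCall`, which ends at the `*/` context line above, does not mention the new `SecurityException`, and any caller that reaches `processCall` without a servlet request, such as a direct invocation from a test, would now be rejected if `getPermutationStrongName()` returns null in that situation (its implementation is outside this hunk). Add `@throws SecurityException if the request carries no GWT permutation strong-name header` to the Javadoc and fix the message spacing: `throw new SecurityException("Blocked request without GWT permutation header (XSRF attack?)");`. Whether the exception is handled by the `catch` clauses that follow or propagates to the servlet's failure handler is not visible here; the intended outcome should be stated in a one-line comment on the check.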
diff --git a/user/src/com/google/gwt/user/server/rpc/impl/ServerSerializationStreamReader.java b/user/src/com/google/gwt/user/server/rpc/impl/ServerSerializationStreamReader.java
index 4b55d54..7dbef17 100644
--- a/user/src/com/google/gwt/user/server/rpc/impl/ServerSerializationStreamReader.java
+++ b/user/src/com/google/gwt/user/server/rpc/impl/ServerSerializationStreamReader.java
@@ -373,6 +373,10 @@
 }
 }
+ public int getNumberOfTokens() {
+ return tokenList.size();
+ }
+
 public SerializationPolicy getSerializationPolicy() {
 return serializationPolicy;
 }
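Review bot: `getNumberOfTokens()` is a new public accessor with no Javadoc, and since the RPC.java hunk uses its value as an upper bound for `paramCount`, the contract that matters is whether `tokenList.size()` is the total token count of the payload or a count that shrinks as tokens are consumed; neither the population nor the consumption of `tokenList` is visible in this hunk, so the Javadoc should state which it is. Suggested wording: `/** Returns the number of tokens in the decoded payload, used as a sanity bound for counts read from the stream. */`, adjusted once the total-versus-remaining question is confirmed. If `tokenList` is not yet populated when callers run the check, the bound would be zero and every non-empty request would be rejected, so the ordering relative to the reader's setup is worth confirming as well.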