Example 1 with UnsafeByteArrayInputStream
use of org.apache.dubbo.common.io.UnsafeByteArrayInputStream in project dubbo by alibaba.
the class DeprecatedExchangeCodec method decode.
protected Object decode(Channel channel, InputStream is, int readable, byte[] header) throws IOException {
// check magic number.
if (readable > 0 && header[0] != MAGIC_HIGH || readable > 1 && header[1] != MAGIC_LOW) {
int length = header.length;
if (header.length < readable) {
header = Bytes.copyOf(header, readable);
is.read(header, length, readable - length);
}
for (int i = 1; i < header.length - 1; i++) {
if (header[i] == MAGIC_HIGH && header[i + 1] == MAGIC_LOW) {
UnsafeByteArrayInputStream bis = ((UnsafeByteArrayInputStream) is);
bis.position(bis.position() - header.length + i);
header = Bytes.copyOf(header, i);
break;
}
}
return super.decode(channel, is, readable, header);
}
// check length.
if (readable < HEADER_LENGTH) {
return NEED_MORE_INPUT;
}
// get data length.
int len = Bytes.bytes2int(header, 12);
checkPayload(channel, len);
int tt = len + HEADER_LENGTH;
if (readable < tt) {
return NEED_MORE_INPUT;
}
// limit input stream.
if (readable != tt)
is = StreamUtils.limitedInputStream(is, len);
try {
return decodeBody(channel, is, header);
} finally {
if (is.available() > 0) {
try {
if (logger.isWarnEnabled()) {
logger.warn("Skip input stream " + is.available());
}
StreamUtils.skipUnusedStream(is);
} catch (IOException e) {
logger.warn(e.getMessage(), e);
}
}
}
}
Also used :
UnsafeByteArrayInputStream(org.apache.dubbo.common.io.UnsafeByteArrayInputStream)
IOException(java.io.IOException)
Example 2 with UnsafeByteArrayInputStream
use of org.apache.dubbo.common.io.UnsafeByteArrayInputStream in project dubbo by alibaba.
the class DubboCodec method decodeBody.
@Override
protected Object decodeBody(Channel channel, InputStream is, byte[] header) throws IOException {
byte flag = header[2], proto = (byte) (flag & SERIALIZATION_MASK);
// get request id.
long id = Bytes.bytes2long(header, 4);
if ((flag & FLAG_REQUEST) == 0) {
// decode response.
Response res = new Response(id);
if ((flag & FLAG_EVENT) != 0) {
res.setEvent(true);
}
// get status.
byte status = header[3];
res.setStatus(status);
try {
if (status == Response.OK) {
Object data;
if (res.isEvent()) {
byte[] eventPayload = CodecSupport.getPayload(is);
if (CodecSupport.isHeartBeat(eventPayload, proto)) {
// heart beat response data is always null;
data = null;
} else {
ObjectInput in = CodecSupport.deserialize(channel.getUrl(), new ByteArrayInputStream(eventPayload), proto);
data = decodeEventData(channel, in, eventPayload);
}
} else {
DecodeableRpcResult result;
if (channel.getUrl().getParameter(DECODE_IN_IO_THREAD_KEY, DEFAULT_DECODE_IN_IO_THREAD)) {
result = new DecodeableRpcResult(channel, res, is, (Invocation) getRequestData(id), proto);
result.decode();
} else {
result = new DecodeableRpcResult(channel, res, new UnsafeByteArrayInputStream(readMessageData(is)), (Invocation) getRequestData(id), proto);
}
data = result;
}
res.setResult(data);
} else {
ObjectInput in = CodecSupport.deserialize(channel.getUrl(), is, proto);
res.setErrorMessage(in.readUTF());
}
} catch (Throwable t) {
if (log.isWarnEnabled()) {
log.warn("Decode response failed: " + t.getMessage(), t);
}
res.setStatus(Response.CLIENT_ERROR);
res.setErrorMessage(StringUtils.toString(t));
}
return res;
} else {
// decode request.
Request req = new Request(id);
req.setVersion(Version.getProtocolVersion());
req.setTwoWay((flag & FLAG_TWOWAY) != 0);
if ((flag & FLAG_EVENT) != 0) {
req.setEvent(true);
}
try {
Object data;
if (req.isEvent()) {
byte[] eventPayload = CodecSupport.getPayload(is);
if (CodecSupport.isHeartBeat(eventPayload, proto)) {
// heart beat response data is always null;
data = null;
} else {
ObjectInput in = CodecSupport.deserialize(channel.getUrl(), new ByteArrayInputStream(eventPayload), proto);
data = decodeEventData(channel, in, eventPayload);
}
} else {
DecodeableRpcInvocation inv;
if (channel.getUrl().getParameter(DECODE_IN_IO_THREAD_KEY, DEFAULT_DECODE_IN_IO_THREAD)) {
inv = new DecodeableRpcInvocation(channel, req, is, proto);
inv.decode();
} else {
inv = new DecodeableRpcInvocation(channel, req, new UnsafeByteArrayInputStream(readMessageData(is)), proto);
}
data = inv;
}
req.setData(data);
} catch (Throwable t) {
if (log.isWarnEnabled()) {
log.warn("Decode request failed: " + t.getMessage(), t);
}
// bad request
req.setBroken(true);
req.setData(t);
}
return req;
}
}
Also used :
Invocation(org.apache.dubbo.rpc.Invocation)
RpcInvocation(org.apache.dubbo.rpc.RpcInvocation)
Request(org.apache.dubbo.remoting.exchange.Request)
UnsafeByteArrayInputStream(org.apache.dubbo.common.io.UnsafeByteArrayInputStream)
AppResponse(org.apache.dubbo.rpc.AppResponse)
Response(org.apache.dubbo.remoting.exchange.Response)
ByteArrayInputStream(java.io.ByteArrayInputStream)
UnsafeByteArrayInputStream(org.apache.dubbo.common.io.UnsafeByteArrayInputStream)
ObjectInput(org.apache.dubbo.common.serialize.ObjectInput)
Example 3 with UnsafeByteArrayInputStream
use of org.apache.dubbo.common.io.UnsafeByteArrayInputStream in project dubbo by alibaba.
the class GenericFilter method invoke.
@Override
public Result invoke(Invoker<?> invoker, Invocation inv) throws RpcException {
if ((inv.getMethodName().equals($INVOKE) || inv.getMethodName().equals($INVOKE_ASYNC)) && inv.getArguments() != null && inv.getArguments().length == 3 && !GenericService.class.isAssignableFrom(invoker.getInterface())) {
String name = ((String) inv.getArguments()[0]).trim();
String[] types = (String[]) inv.getArguments()[1];
Object[] args = (Object[]) inv.getArguments()[2];
try {
Method method = ReflectUtils.findMethodByMethodSignature(invoker.getInterface(), name, types);
Class<?>[] params = method.getParameterTypes();
if (args == null) {
args = new Object[params.length];
}
if (types == null) {
types = new String[params.length];
}
if (args.length != types.length) {
throw new RpcException("GenericFilter#invoke args.length != types.length, please check your " + "params");
}
String generic = inv.getAttachment(GENERIC_KEY);
if (StringUtils.isBlank(generic)) {
generic = RpcContext.getContext().getAttachment(GENERIC_KEY);
}
if (StringUtils.isEmpty(generic) || ProtocolUtils.isDefaultGenericSerialization(generic) || ProtocolUtils.isGenericReturnRawResult(generic)) {
try {
args = PojoUtils.realize(args, params, method.getGenericParameterTypes());
} catch (IllegalArgumentException e) {
throw new RpcException(e);
}
} else if (ProtocolUtils.isGsonGenericSerialization(generic)) {
args = getGsonGenericArgs(args, method.getGenericParameterTypes());
} else if (ProtocolUtils.isJavaGenericSerialization(generic)) {
Configuration configuration = ApplicationModel.getEnvironment().getConfiguration();
if (!configuration.getBoolean(CommonConstants.ENABLE_NATIVE_JAVA_GENERIC_SERIALIZE, false)) {
String notice = "Trigger the safety barrier! " + "Native Java Serializer is not allowed by default." + "This means currently maybe being attacking by others. " + "If you are sure this is a mistake, " + "please set `" + CommonConstants.ENABLE_NATIVE_JAVA_GENERIC_SERIALIZE + "` enable in configuration! " + "Before doing so, please make sure you have configure JEP290 to prevent serialization attack.";
logger.error(notice);
throw new RpcException(new IllegalStateException(notice));
}
for (int i = 0; i < args.length; i++) {
if (byte[].class == args[i].getClass()) {
try (UnsafeByteArrayInputStream is = new UnsafeByteArrayInputStream((byte[]) args[i])) {
args[i] = ExtensionLoader.getExtensionLoader(Serialization.class).getExtension(GENERIC_SERIALIZATION_NATIVE_JAVA).deserialize(null, is).readObject();
} catch (Exception e) {
throw new RpcException("Deserialize argument [" + (i + 1) + "] failed.", e);
}
} else {
throw new RpcException("Generic serialization [" + GENERIC_SERIALIZATION_NATIVE_JAVA + "] only support message type " + byte[].class + " and your message type is " + args[i].getClass());
}
}
} else if (ProtocolUtils.isBeanGenericSerialization(generic)) {
for (int i = 0; i < args.length; i++) {
if (args[i] instanceof JavaBeanDescriptor) {
args[i] = JavaBeanSerializeUtil.deserialize((JavaBeanDescriptor) args[i]);
} else {
throw new RpcException("Generic serialization [" + GENERIC_SERIALIZATION_BEAN + "] only support message type " + JavaBeanDescriptor.class.getName() + " and your message type is " + args[i].getClass().getName());
}
}
} else if (ProtocolUtils.isProtobufGenericSerialization(generic)) {
// as proto3 only accept one protobuf parameter
if (args.length == 1 && args[0] instanceof String) {
try (UnsafeByteArrayInputStream is = new UnsafeByteArrayInputStream(((String) args[0]).getBytes())) {
args[0] = ExtensionLoader.getExtensionLoader(Serialization.class).getExtension(GENERIC_SERIALIZATION_PROTOBUF).deserialize(null, is).readObject(method.getParameterTypes()[0]);
} catch (Exception e) {
throw new RpcException("Deserialize argument failed.", e);
}
} else {
throw new RpcException("Generic serialization [" + GENERIC_SERIALIZATION_PROTOBUF + "] only support one " + String.class.getName() + " argument and your message size is " + args.length + " and type is" + args[0].getClass().getName());
}
}
RpcInvocation rpcInvocation = new RpcInvocation(method, invoker.getInterface().getName(), invoker.getUrl().getProtocolServiceKey(), args, inv.getObjectAttachments(), inv.getAttributes());
rpcInvocation.setInvoker(inv.getInvoker());
rpcInvocation.setTargetServiceUniqueName(inv.getTargetServiceUniqueName());
return invoker.invoke(rpcInvocation);
} catch (NoSuchMethodException | ClassNotFoundException e) {
throw new RpcException(e.getMessage(), e);
}
}
return invoker.invoke(inv);
}
Also used :
RpcInvocation(org.apache.dubbo.rpc.RpcInvocation)
Configuration(org.apache.dubbo.common.config.Configuration)
UnsafeByteArrayInputStream(org.apache.dubbo.common.io.UnsafeByteArrayInputStream)
Method(java.lang.reflect.Method)
GenericException(org.apache.dubbo.rpc.service.GenericException)
JsonSyntaxException(com.google.gson.JsonSyntaxException)
IOException(java.io.IOException)
RpcException(org.apache.dubbo.rpc.RpcException)
JavaBeanDescriptor(org.apache.dubbo.common.beanutil.JavaBeanDescriptor)
RpcException(org.apache.dubbo.rpc.RpcException)
Example 4 with UnsafeByteArrayInputStream
use of org.apache.dubbo.common.io.UnsafeByteArrayInputStream in project dubbo by alibaba.
the class CodecAdapter method decode.
@Override
public Object decode(Channel channel, ChannelBuffer buffer) throws IOException {
byte[] bytes = new byte[buffer.readableBytes()];
int savedReaderIndex = buffer.readerIndex();
buffer.readBytes(bytes);
UnsafeByteArrayInputStream is = new UnsafeByteArrayInputStream(bytes);
Object result = codec.decode(channel, is);
buffer.readerIndex(savedReaderIndex + is.position());
return result == Codec.NEED_MORE_INPUT ? DecodeResult.NEED_MORE_INPUT : result;
}
Also used :
UnsafeByteArrayInputStream(org.apache.dubbo.common.io.UnsafeByteArrayInputStream)
Aggregations
UnsafeByteArrayInputStream (org.apache.dubbo.common.io.UnsafeByteArrayInputStream)4
IOException (java.io.IOException)2
RpcInvocation (org.apache.dubbo.rpc.RpcInvocation)2
JsonSyntaxException (com.google.gson.JsonSyntaxException)1
ByteArrayInputStream (java.io.ByteArrayInputStream)1
Method (java.lang.reflect.Method)1
JavaBeanDescriptor (org.apache.dubbo.common.beanutil.JavaBeanDescriptor)1
Configuration (org.apache.dubbo.common.config.Configuration)1
ObjectInput (org.apache.dubbo.common.serialize.ObjectInput)1
Request (org.apache.dubbo.remoting.exchange.Request)1
Response (org.apache.dubbo.remoting.exchange.Response)1
AppResponse (org.apache.dubbo.rpc.AppResponse)1
Invocation (org.apache.dubbo.rpc.Invocation)1
RpcException (org.apache.dubbo.rpc.RpcException)1
GenericException (org.apache.dubbo.rpc.service.GenericException)1
