diff options
author | Justin Clarke Casey | 2008-11-03 22:29:19 +0000 |
---|---|---|
committer | Justin Clarke Casey | 2008-11-03 22:29:19 +0000 |
commit | ee178c76ae0ee7425a7b0fc6a0fafad59b050881 (patch) | |
tree | 68b3a2f8d9495820ce46555261ccb7db0ed2068d /OpenSim | |
parent | Small fix for a possible NRE in standalone mode, killing the (diff) | |
download | opensim-SC-ee178c76ae0ee7425a7b0fc6a0fafad59b050881.zip opensim-SC-ee178c76ae0ee7425a7b0fc6a0fafad59b050881.tar.gz opensim-SC-ee178c76ae0ee7425a7b0fc6a0fafad59b050881.tar.bz2 opensim-SC-ee178c76ae0ee7425a7b0fc6a0fafad59b050881.tar.xz |
* Apply http://opensimulator.org/mantis/view.php?id=2535
* Catch and report deserialization exceptions on rest handlers
* Thanks Diva!
Diffstat (limited to 'OpenSim')
-rw-r--r-- | OpenSim/Framework/Servers/RestSessionService.cs | 45 |
1 files changed, 37 insertions, 8 deletions
diff --git a/OpenSim/Framework/Servers/RestSessionService.cs b/OpenSim/Framework/Servers/RestSessionService.cs index eaeda62..b5a8607 100644 --- a/OpenSim/Framework/Servers/RestSessionService.cs +++ b/OpenSim/Framework/Servers/RestSessionService.cs | |||
@@ -2,10 +2,13 @@ | |||
2 | using System.IO; | 2 | using System.IO; |
3 | using System.Net; | 3 | using System.Net; |
4 | using System.Collections.Generic; | 4 | using System.Collections.Generic; |
5 | using System.Reflection; | ||
5 | using System.Text; | 6 | using System.Text; |
6 | using System.Xml; | 7 | using System.Xml; |
7 | using System.Xml.Serialization; | 8 | using System.Xml.Serialization; |
8 | 9 | ||
10 | using log4net; | ||
11 | |||
9 | namespace OpenSim.Framework.Servers | 12 | namespace OpenSim.Framework.Servers |
10 | { | 13 | { |
11 | public class RestSessionObject<TRequest> | 14 | public class RestSessionObject<TRequest> |
@@ -146,6 +149,9 @@ namespace OpenSim.Framework.Servers | |||
146 | public class RestDeserialiseSecureHandler<TRequest, TResponse> : BaseRequestHandler, IStreamHandler | 149 | public class RestDeserialiseSecureHandler<TRequest, TResponse> : BaseRequestHandler, IStreamHandler |
147 | where TRequest : new() | 150 | where TRequest : new() |
148 | { | 151 | { |
152 | private static readonly ILog m_log | ||
153 | = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
154 | |||
149 | private RestDeserialiseMethod<TRequest, TResponse> m_method; | 155 | private RestDeserialiseMethod<TRequest, TResponse> m_method; |
150 | private CheckIdentityMethod m_smethod; | 156 | private CheckIdentityMethod m_smethod; |
151 | 157 | ||
@@ -161,15 +167,25 @@ namespace OpenSim.Framework.Servers | |||
161 | public void Handle(string path, Stream request, Stream responseStream, | 167 | public void Handle(string path, Stream request, Stream responseStream, |
162 | OSHttpRequest httpRequest, OSHttpResponse httpResponse) | 168 | OSHttpRequest httpRequest, OSHttpResponse httpResponse) |
163 | { | 169 | { |
164 | RestSessionObject<TRequest> deserial; | 170 | RestSessionObject<TRequest> deserial = default(RestSessionObject<TRequest>); |
171 | bool fail = false; | ||
172 | |||
165 | using (XmlTextReader xmlReader = new XmlTextReader(request)) | 173 | using (XmlTextReader xmlReader = new XmlTextReader(request)) |
166 | { | 174 | { |
167 | XmlSerializer deserializer = new XmlSerializer(typeof(RestSessionObject<TRequest>)); | 175 | try |
168 | deserial = (RestSessionObject<TRequest>)deserializer.Deserialize(xmlReader); | 176 | { |
177 | XmlSerializer deserializer = new XmlSerializer(typeof(RestSessionObject<TRequest>)); | ||
178 | deserial = (RestSessionObject<TRequest>)deserializer.Deserialize(xmlReader); | ||
179 | } | ||
180 | catch (Exception e) | ||
181 | { | ||
182 | m_log.Error("[REST]: Deserialization problem. Ignoring request. " + e); | ||
183 | fail = true; | ||
184 | } | ||
169 | } | 185 | } |
170 | 186 | ||
171 | TResponse response = default(TResponse); | 187 | TResponse response = default(TResponse); |
172 | if (m_smethod(deserial.SessionID, deserial.AvatarID)) | 188 | if (!fail && m_smethod(deserial.SessionID, deserial.AvatarID)) |
173 | { | 189 | { |
174 | response = m_method(deserial.Body); | 190 | response = m_method(deserial.Body); |
175 | } | 191 | } |
@@ -187,6 +203,9 @@ namespace OpenSim.Framework.Servers | |||
187 | public class RestDeserialiseTrustedHandler<TRequest, TResponse> : BaseRequestHandler, IStreamHandler | 203 | public class RestDeserialiseTrustedHandler<TRequest, TResponse> : BaseRequestHandler, IStreamHandler |
188 | where TRequest : new() | 204 | where TRequest : new() |
189 | { | 205 | { |
206 | private static readonly ILog m_log | ||
207 | = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
208 | |||
190 | /// <summary> | 209 | /// <summary> |
191 | /// The operation to perform once trust has been established. | 210 | /// The operation to perform once trust has been established. |
192 | /// </summary> | 211 | /// </summary> |
@@ -211,15 +230,25 @@ namespace OpenSim.Framework.Servers | |||
211 | public void Handle(string path, Stream request, Stream responseStream, | 230 | public void Handle(string path, Stream request, Stream responseStream, |
212 | OSHttpRequest httpRequest, OSHttpResponse httpResponse) | 231 | OSHttpRequest httpRequest, OSHttpResponse httpResponse) |
213 | { | 232 | { |
214 | TRequest deserial; | 233 | TRequest deserial = default(TRequest); |
234 | bool fail = false; | ||
235 | |||
215 | using (XmlTextReader xmlReader = new XmlTextReader(request)) | 236 | using (XmlTextReader xmlReader = new XmlTextReader(request)) |
216 | { | 237 | { |
217 | XmlSerializer deserializer = new XmlSerializer(typeof(TRequest)); | 238 | try |
218 | deserial = (TRequest)deserializer.Deserialize(xmlReader); | 239 | { |
240 | XmlSerializer deserializer = new XmlSerializer(typeof(TRequest)); | ||
241 | deserial = (TRequest)deserializer.Deserialize(xmlReader); | ||
242 | } | ||
243 | catch (Exception e) | ||
244 | { | ||
245 | m_log.Error("[REST]: Deserialization problem. Ignoring request. " + e); | ||
246 | fail = true; | ||
247 | } | ||
219 | } | 248 | } |
220 | 249 | ||
221 | TResponse response = default(TResponse); | 250 | TResponse response = default(TResponse); |
222 | if (m_tmethod(httpRequest.RemoteIPEndPoint)) | 251 | if (!fail && m_tmethod(httpRequest.RemoteIPEndPoint)) |
223 | { | 252 | { |
224 | response = m_method(deserial); | 253 | response = m_method(deserial); |
225 | } | 254 | } |