From 4a9b8386c30cc35fc464df55d76b2f58100f57be Mon Sep 17 00:00:00 2001 From: renchenchang Date: Mon, 25 Feb 2019 16:10:52 +0800 Subject: [PATCH 1/2] check body size in http interface --- src/main/java/org/tron/core/services/http/Util.java | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/tron/core/services/http/Util.java b/src/main/java/org/tron/core/services/http/Util.java index f5d5310b2e0..e2832793d54 100644 --- a/src/main/java/org/tron/core/services/http/Util.java +++ b/src/main/java/org/tron/core/services/http/Util.java @@ -17,6 +17,7 @@ import org.tron.common.utils.Sha256Hash; import org.tron.core.capsule.BlockCapsule; import org.tron.core.capsule.TransactionCapsule; +import org.tron.core.config.args.Args; import org.tron.core.services.http.JsonFormat.ParseException; import org.tron.protos.Contract.AccountCreateContract; import org.tron.protos.Contract.AccountPermissionUpdateContract; @@ -136,7 +137,8 @@ public static String printTransactionSignWeight(TransactionSignWeight transactio return jsonObject.toJSONString(); } - public static String printTransactionApprovedList(TransactionApprovedList transactionApprovedList) { + public static String printTransactionApprovedList( + TransactionApprovedList transactionApprovedList) { String string = JsonFormat.printToString(transactionApprovedList); JSONObject jsonObject = JSONObject.parseObject(string); JSONObject jsonObjectExt = jsonObject.getJSONObject("transaction"); @@ -577,4 +579,11 @@ public static Transaction packTransaction(String strTransaction) { return null; } } + + public static void checkBodySize(String body) throws Exception { + Args args = Args.getInstance(); + if (body.getBytes().length > args.getMaxMessageSize()) { + throw new Exception("body size is too big, limit is " + args.getMaxMessageSize()); + } + } } From f79165cec8a1c56f07584becee29b589ae61bf38 Mon Sep 17 00:00:00 2001 From: renchenchang Date: Mon, 25 Feb 2019 16:30:13 +0800 Subject: [PATCH 2/2] check body size in http interface --- .../core/services/http/AccountPermissionUpdateServlet.java | 1 + .../tron/core/services/http/AddTransactionSignServlet.java | 1 + .../java/org/tron/core/services/http/BroadcastServlet.java | 1 + .../org/tron/core/services/http/CreateAccountServlet.java | 1 + .../org/tron/core/services/http/CreateAddressServlet.java | 1 + .../tron/core/services/http/CreateAssetIssueServlet.java | 1 + .../org/tron/core/services/http/CreateWitnessServlet.java | 1 + .../org/tron/core/services/http/DeployContractServlet.java | 1 + .../core/services/http/EasyTransferByPrivateServlet.java | 1 + .../org/tron/core/services/http/EasyTransferServlet.java | 3 +++ .../org/tron/core/services/http/ExchangeCreateServlet.java | 1 + .../org/tron/core/services/http/ExchangeInjectServlet.java | 1 + .../core/services/http/ExchangeTransactionServlet.java | 1 + .../tron/core/services/http/ExchangeWithdrawServlet.java | 1 + .../org/tron/core/services/http/FreezeBalanceServlet.java | 5 +---- .../org/tron/core/services/http/GetAccountByIdServlet.java | 2 +- .../org/tron/core/services/http/GetAccountNetServlet.java | 1 + .../tron/core/services/http/GetAccountResourceServlet.java | 5 +---- .../org/tron/core/services/http/GetAccountServlet.java | 1 + .../core/services/http/GetAssetIssueByAccountServlet.java | 1 + .../tron/core/services/http/GetAssetIssueByIdServlet.java | 1 + .../core/services/http/GetAssetIssueByNameServlet.java | 2 +- .../core/services/http/GetAssetIssueListByNameServlet.java | 2 +- .../org/tron/core/services/http/GetBlockByIdServlet.java | 1 + .../core/services/http/GetBlockByLatestNumServlet.java | 1 + .../core/services/http/GetBlockByLimitNextServlet.java | 1 + .../org/tron/core/services/http/GetBlockByNumServlet.java | 1 + .../org/tron/core/services/http/GetContractServlet.java | 7 +++++-- .../http/GetDelegatedResourceAccountIndexServlet.java | 4 +++- .../core/services/http/GetDelegatedResourceServlet.java | 4 +++- .../tron/core/services/http/GetExchangeByIdServlet.java | 1 + .../services/http/GetPaginatedAssetIssueListServlet.java | 1 + .../services/http/GetPaginatedExchangeListServlet.java | 1 + .../services/http/GetPaginatedProposalListServlet.java | 1 + .../tron/core/services/http/GetProposalByIdServlet.java | 1 + .../services/http/GetTransactionApprovedListServlet.java | 1 + .../tron/core/services/http/GetTransactionByIdServlet.java | 1 + .../http/GetTransactionCountByBlockNumServlet.java | 5 +++-- .../core/services/http/GetTransactionInfoByIdServlet.java | 1 + .../services/http/GetTransactionSignWeightServlet.java | 1 + .../core/services/http/ParticipateAssetIssueServlet.java | 1 + .../tron/core/services/http/ProposalApproveServlet.java | 1 + .../org/tron/core/services/http/ProposalCreateServlet.java | 1 + .../org/tron/core/services/http/ProposalDeleteServlet.java | 1 + .../tron/core/services/http/TransactionSignServlet.java | 1 + .../org/tron/core/services/http/TransferAssetServlet.java | 1 + .../java/org/tron/core/services/http/TransferServlet.java | 1 + .../core/services/http/TriggerSmartContractServlet.java | 1 + .../org/tron/core/services/http/UnFreezeAssetServlet.java | 1 + .../tron/core/services/http/UnFreezeBalanceServlet.java | 1 + .../org/tron/core/services/http/UpdateAccountServlet.java | 1 + .../org/tron/core/services/http/UpdateAssetServlet.java | 1 + .../tron/core/services/http/UpdateEnergyLimitServlet.java | 1 + .../org/tron/core/services/http/UpdateSettingServlet.java | 1 + .../org/tron/core/services/http/UpdateWitnessServlet.java | 1 + .../tron/core/services/http/ValidateAddressServlet.java | 5 +++-- .../tron/core/services/http/VoteWitnessAccountServlet.java | 1 + .../tron/core/services/http/WithdrawBalanceServlet.java | 1 + .../http/solidity/GetTransactionByIdSolidityServlet.java | 2 +- .../solidity/GetTransactionInfoByIdSolidityServlet.java | 3 ++- .../http/solidity/GetTransactionsFromThisServlet.java | 1 + .../http/solidity/GetTransactionsToThisServlet.java | 1 + 62 files changed, 77 insertions(+), 21 deletions(-) diff --git a/src/main/java/org/tron/core/services/http/AccountPermissionUpdateServlet.java b/src/main/java/org/tron/core/services/http/AccountPermissionUpdateServlet.java index 4da10f3aba9..b89f50fc3f4 100644 --- a/src/main/java/org/tron/core/services/http/AccountPermissionUpdateServlet.java +++ b/src/main/java/org/tron/core/services/http/AccountPermissionUpdateServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); AccountPermissionUpdateContract.Builder build = AccountPermissionUpdateContract.newBuilder(); JsonFormat.merge(contract, build); diff --git a/src/main/java/org/tron/core/services/http/AddTransactionSignServlet.java b/src/main/java/org/tron/core/services/http/AddTransactionSignServlet.java index be491d6523c..6dc45ec608a 100644 --- a/src/main/java/org/tron/core/services/http/AddTransactionSignServlet.java +++ b/src/main/java/org/tron/core/services/http/AddTransactionSignServlet.java @@ -30,6 +30,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); JSONObject input = JSONObject.parseObject(contract); String strTransaction = input.getJSONObject("transaction").toJSONString(); Transaction transaction = Util.packTransaction(strTransaction); diff --git a/src/main/java/org/tron/core/services/http/BroadcastServlet.java b/src/main/java/org/tron/core/services/http/BroadcastServlet.java index bb3874b6f03..f030cf985be 100644 --- a/src/main/java/org/tron/core/services/http/BroadcastServlet.java +++ b/src/main/java/org/tron/core/services/http/BroadcastServlet.java @@ -23,6 +23,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); Transaction transaction = Util.packTransaction(input); GrpcAPI.Return retur = wallet.broadcastTransaction(transaction); response.getWriter().println(JsonFormat.printToString(retur)); diff --git a/src/main/java/org/tron/core/services/http/CreateAccountServlet.java b/src/main/java/org/tron/core/services/http/CreateAccountServlet.java index 4febc2d0149..005ef902322 100644 --- a/src/main/java/org/tron/core/services/http/CreateAccountServlet.java +++ b/src/main/java/org/tron/core/services/http/CreateAccountServlet.java @@ -25,6 +25,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); AccountCreateContract.Builder build = AccountCreateContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/CreateAddressServlet.java b/src/main/java/org/tron/core/services/http/CreateAddressServlet.java index cbaae67e980..ceea51e4f86 100644 --- a/src/main/java/org/tron/core/services/http/CreateAddressServlet.java +++ b/src/main/java/org/tron/core/services/http/CreateAddressServlet.java @@ -49,6 +49,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(input, build); byte[] address = wallet.createAdresss(build.getValue().toByteArray()); diff --git a/src/main/java/org/tron/core/services/http/CreateAssetIssueServlet.java b/src/main/java/org/tron/core/services/http/CreateAssetIssueServlet.java index b8e6d52afef..6115e20211a 100644 --- a/src/main/java/org/tron/core/services/http/CreateAssetIssueServlet.java +++ b/src/main/java/org/tron/core/services/http/CreateAssetIssueServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); AssetIssueContract.Builder build = AssetIssueContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/CreateWitnessServlet.java b/src/main/java/org/tron/core/services/http/CreateWitnessServlet.java index be88c9f62ce..eeb35a919dd 100644 --- a/src/main/java/org/tron/core/services/http/CreateWitnessServlet.java +++ b/src/main/java/org/tron/core/services/http/CreateWitnessServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); WitnessCreateContract.Builder build = WitnessCreateContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/DeployContractServlet.java b/src/main/java/org/tron/core/services/http/DeployContractServlet.java index 01403b48362..78b5bc78a1d 100644 --- a/src/main/java/org/tron/core/services/http/DeployContractServlet.java +++ b/src/main/java/org/tron/core/services/http/DeployContractServlet.java @@ -35,6 +35,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); CreateSmartContract.Builder build = CreateSmartContract.newBuilder(); JSONObject jsonObject = JSONObject.parseObject(contract); byte[] ownerAddress = ByteArray.fromHexString(jsonObject.getString("owner_address")); diff --git a/src/main/java/org/tron/core/services/http/EasyTransferByPrivateServlet.java b/src/main/java/org/tron/core/services/http/EasyTransferByPrivateServlet.java index e6a7502ac39..b89117d68ab 100644 --- a/src/main/java/org/tron/core/services/http/EasyTransferByPrivateServlet.java +++ b/src/main/java/org/tron/core/services/http/EasyTransferByPrivateServlet.java @@ -37,6 +37,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); EasyTransferByPrivateMessage.Builder build = EasyTransferByPrivateMessage.newBuilder(); JsonFormat.merge(input, build); byte[] privateKey = build.getPrivateKey().toByteArray(); diff --git a/src/main/java/org/tron/core/services/http/EasyTransferServlet.java b/src/main/java/org/tron/core/services/http/EasyTransferServlet.java index f1cd3656832..8da8e026445 100644 --- a/src/main/java/org/tron/core/services/http/EasyTransferServlet.java +++ b/src/main/java/org/tron/core/services/http/EasyTransferServlet.java @@ -39,6 +39,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); EasyTransferMessage.Builder build = EasyTransferMessage.newBuilder(); JsonFormat.merge(input, build); byte[] privateKey = wallet.pass2Key(build.getPassPhrase().toByteArray()); @@ -71,6 +72,8 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) logger.debug("IOException: {}", ioe.getMessage()); } return; + } catch (Exception e) { + logger.debug("Exception: {}", e.getMessage()); } } } diff --git a/src/main/java/org/tron/core/services/http/ExchangeCreateServlet.java b/src/main/java/org/tron/core/services/http/ExchangeCreateServlet.java index f8266f9cbac..4e77da9d39a 100644 --- a/src/main/java/org/tron/core/services/http/ExchangeCreateServlet.java +++ b/src/main/java/org/tron/core/services/http/ExchangeCreateServlet.java @@ -25,6 +25,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); ExchangeCreateContract.Builder build = ExchangeCreateContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/ExchangeInjectServlet.java b/src/main/java/org/tron/core/services/http/ExchangeInjectServlet.java index 13d4110ee95..efc9634e8b2 100644 --- a/src/main/java/org/tron/core/services/http/ExchangeInjectServlet.java +++ b/src/main/java/org/tron/core/services/http/ExchangeInjectServlet.java @@ -25,6 +25,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); ExchangeInjectContract.Builder build = ExchangeInjectContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/ExchangeTransactionServlet.java b/src/main/java/org/tron/core/services/http/ExchangeTransactionServlet.java index aa0c7d67e7a..2b748345e22 100644 --- a/src/main/java/org/tron/core/services/http/ExchangeTransactionServlet.java +++ b/src/main/java/org/tron/core/services/http/ExchangeTransactionServlet.java @@ -25,6 +25,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); ExchangeTransactionContract.Builder build = ExchangeTransactionContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/ExchangeWithdrawServlet.java b/src/main/java/org/tron/core/services/http/ExchangeWithdrawServlet.java index 885c219b07d..e7b549116e4 100644 --- a/src/main/java/org/tron/core/services/http/ExchangeWithdrawServlet.java +++ b/src/main/java/org/tron/core/services/http/ExchangeWithdrawServlet.java @@ -25,6 +25,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); ExchangeWithdrawContract.Builder build = ExchangeWithdrawContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/FreezeBalanceServlet.java b/src/main/java/org/tron/core/services/http/FreezeBalanceServlet.java index 239c9a08cea..a61e7012978 100644 --- a/src/main/java/org/tron/core/services/http/FreezeBalanceServlet.java +++ b/src/main/java/org/tron/core/services/http/FreezeBalanceServlet.java @@ -21,14 +21,11 @@ public class FreezeBalanceServlet extends HttpServlet { @Autowired private Wallet wallet; - protected void doGet(HttpServletRequest request, HttpServletResponse response) { - - } - protected void doPost(HttpServletRequest request, HttpServletResponse response) { try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); FreezeBalanceContract.Builder build = FreezeBalanceContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/GetAccountByIdServlet.java b/src/main/java/org/tron/core/services/http/GetAccountByIdServlet.java index dfb761a9ec2..535dd48cb90 100644 --- a/src/main/java/org/tron/core/services/http/GetAccountByIdServlet.java +++ b/src/main/java/org/tron/core/services/http/GetAccountByIdServlet.java @@ -12,7 +12,6 @@ import org.springframework.stereotype.Component; import org.tron.common.utils.ByteArray; import org.tron.core.Wallet; -import org.tron.protos.Contract.AssetIssueContract; import org.tron.protos.Protocol.Account; @Component @@ -64,6 +63,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String account = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(account); Account.Builder build = Account.newBuilder(); JsonFormat.merge(account, build); diff --git a/src/main/java/org/tron/core/services/http/GetAccountNetServlet.java b/src/main/java/org/tron/core/services/http/GetAccountNetServlet.java index d2d9a2f2002..dc578111573 100644 --- a/src/main/java/org/tron/core/services/http/GetAccountNetServlet.java +++ b/src/main/java/org/tron/core/services/http/GetAccountNetServlet.java @@ -46,6 +46,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String account = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(account); Account.Builder build = Account.newBuilder(); JsonFormat.merge(account, build); AccountNetMessage reply = wallet.getAccountNet(build.getAddress()); diff --git a/src/main/java/org/tron/core/services/http/GetAccountResourceServlet.java b/src/main/java/org/tron/core/services/http/GetAccountResourceServlet.java index f421c005b34..850c99df1de 100644 --- a/src/main/java/org/tron/core/services/http/GetAccountResourceServlet.java +++ b/src/main/java/org/tron/core/services/http/GetAccountResourceServlet.java @@ -13,7 +13,6 @@ import org.tron.api.GrpcAPI.AccountResourceMessage; import org.tron.common.utils.ByteArray; import org.tron.core.Wallet; -import org.tron.core.db.Manager; @Component @@ -23,9 +22,6 @@ public class GetAccountResourceServlet extends HttpServlet { @Autowired private Wallet wallet; - @Autowired - private Manager dbManager; - protected void doGet(HttpServletRequest request, HttpServletResponse response) { try { String address = request.getParameter("address"); @@ -50,6 +46,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); JSONObject jsonObject = JSONObject.parseObject(input); String address = jsonObject.getString("address"); AccountResourceMessage reply = wallet diff --git a/src/main/java/org/tron/core/services/http/GetAccountServlet.java b/src/main/java/org/tron/core/services/http/GetAccountServlet.java index c4bba29e656..68ccad416a5 100644 --- a/src/main/java/org/tron/core/services/http/GetAccountServlet.java +++ b/src/main/java/org/tron/core/services/http/GetAccountServlet.java @@ -68,6 +68,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String account = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(account); Account.Builder build = Account.newBuilder(); JsonFormat.merge(account, build); diff --git a/src/main/java/org/tron/core/services/http/GetAssetIssueByAccountServlet.java b/src/main/java/org/tron/core/services/http/GetAssetIssueByAccountServlet.java index 68849890aec..de2eaa60a6f 100644 --- a/src/main/java/org/tron/core/services/http/GetAssetIssueByAccountServlet.java +++ b/src/main/java/org/tron/core/services/http/GetAssetIssueByAccountServlet.java @@ -46,6 +46,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String account = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(account); Account.Builder build = Account.newBuilder(); JsonFormat.merge(account, build); AssetIssueList reply = wallet.getAssetIssueByAccount(build.getAddress()); diff --git a/src/main/java/org/tron/core/services/http/GetAssetIssueByIdServlet.java b/src/main/java/org/tron/core/services/http/GetAssetIssueByIdServlet.java index f48d08b0687..a5bc0ef6a1e 100644 --- a/src/main/java/org/tron/core/services/http/GetAssetIssueByIdServlet.java +++ b/src/main/java/org/tron/core/services/http/GetAssetIssueByIdServlet.java @@ -42,6 +42,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); JSONObject jsonObject = JSONObject.parseObject(input); String id = jsonObject.getString("value"); diff --git a/src/main/java/org/tron/core/services/http/GetAssetIssueByNameServlet.java b/src/main/java/org/tron/core/services/http/GetAssetIssueByNameServlet.java index 22f0b8ac969..f1b37dc1aeb 100644 --- a/src/main/java/org/tron/core/services/http/GetAssetIssueByNameServlet.java +++ b/src/main/java/org/tron/core/services/http/GetAssetIssueByNameServlet.java @@ -1,6 +1,5 @@ package org.tron.core.services.http; -import com.alibaba.fastjson.JSONObject; import com.google.protobuf.ByteString; import java.io.IOException; import java.util.stream.Collectors; @@ -47,6 +46,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(input, build); AssetIssueContract reply = wallet.getAssetIssueByName(build.getValue()); diff --git a/src/main/java/org/tron/core/services/http/GetAssetIssueListByNameServlet.java b/src/main/java/org/tron/core/services/http/GetAssetIssueListByNameServlet.java index c48d11a3aa9..8ed27089ed9 100644 --- a/src/main/java/org/tron/core/services/http/GetAssetIssueListByNameServlet.java +++ b/src/main/java/org/tron/core/services/http/GetAssetIssueListByNameServlet.java @@ -13,7 +13,6 @@ import org.tron.api.GrpcAPI.BytesMessage; import org.tron.common.utils.ByteArray; import org.tron.core.Wallet; -import org.tron.protos.Contract.AssetIssueContract; @Component @Slf4j(topic = "API") @@ -46,6 +45,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(input, build); AssetIssueList reply = wallet.getAssetIssueListByName(build.getValue()); diff --git a/src/main/java/org/tron/core/services/http/GetBlockByIdServlet.java b/src/main/java/org/tron/core/services/http/GetBlockByIdServlet.java index 253785fc772..a5caff82c75 100644 --- a/src/main/java/org/tron/core/services/http/GetBlockByIdServlet.java +++ b/src/main/java/org/tron/core/services/http/GetBlockByIdServlet.java @@ -44,6 +44,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(input, build); Block reply = wallet.getBlockById(build.getValue()); diff --git a/src/main/java/org/tron/core/services/http/GetBlockByLatestNumServlet.java b/src/main/java/org/tron/core/services/http/GetBlockByLatestNumServlet.java index fc6d17c8bb5..0ea492d6f27 100644 --- a/src/main/java/org/tron/core/services/http/GetBlockByLatestNumServlet.java +++ b/src/main/java/org/tron/core/services/http/GetBlockByLatestNumServlet.java @@ -45,6 +45,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); NumberMessage.Builder build = NumberMessage.newBuilder(); JsonFormat.merge(input, build); long getNum = build.getNum(); diff --git a/src/main/java/org/tron/core/services/http/GetBlockByLimitNextServlet.java b/src/main/java/org/tron/core/services/http/GetBlockByLimitNextServlet.java index a4fbd0d02dd..68c3bdf1fef 100644 --- a/src/main/java/org/tron/core/services/http/GetBlockByLimitNextServlet.java +++ b/src/main/java/org/tron/core/services/http/GetBlockByLimitNextServlet.java @@ -46,6 +46,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BlockLimit.Builder build = BlockLimit.newBuilder(); JsonFormat.merge(input, build); long startNum = build.getStartNum(); diff --git a/src/main/java/org/tron/core/services/http/GetBlockByNumServlet.java b/src/main/java/org/tron/core/services/http/GetBlockByNumServlet.java index 7a44d203862..c2d77219055 100644 --- a/src/main/java/org/tron/core/services/http/GetBlockByNumServlet.java +++ b/src/main/java/org/tron/core/services/http/GetBlockByNumServlet.java @@ -42,6 +42,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); NumberMessage.Builder build = NumberMessage.newBuilder(); JsonFormat.merge(input, build); Block reply = wallet.getBlockByNum(build.getNum()); diff --git a/src/main/java/org/tron/core/services/http/GetContractServlet.java b/src/main/java/org/tron/core/services/http/GetContractServlet.java index 4f5272cfd2a..d13d15b157d 100644 --- a/src/main/java/org/tron/core/services/http/GetContractServlet.java +++ b/src/main/java/org/tron/core/services/http/GetContractServlet.java @@ -29,7 +29,8 @@ protected void doGet(HttpServletRequest request, HttpServletResponse response) { BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(jsonObject.toJSONString(), build); SmartContract smartContract = wallet.getContract(build.build()); - JSONObject jsonSmartContract = JSONObject.parseObject(JsonFormat.printToString(smartContract)); + JSONObject jsonSmartContract = JSONObject + .parseObject(JsonFormat.printToString(smartContract)); response.getWriter().println(jsonSmartContract.toJSONString()); } catch (Exception e) { logger.debug("Exception: {}", e.getMessage()); @@ -45,10 +46,12 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(input, build); SmartContract smartContract = wallet.getContract(build.build()); - JSONObject jsonSmartContract = JSONObject.parseObject(JsonFormat.printToString(smartContract)); + JSONObject jsonSmartContract = JSONObject + .parseObject(JsonFormat.printToString(smartContract)); response.getWriter().println(jsonSmartContract.toJSONString()); } catch (Exception e) { logger.debug("Exception: {}", e.getMessage()); diff --git a/src/main/java/org/tron/core/services/http/GetDelegatedResourceAccountIndexServlet.java b/src/main/java/org/tron/core/services/http/GetDelegatedResourceAccountIndexServlet.java index 7b1efde8e44..0e6612d02ea 100644 --- a/src/main/java/org/tron/core/services/http/GetDelegatedResourceAccountIndexServlet.java +++ b/src/main/java/org/tron/core/services/http/GetDelegatedResourceAccountIndexServlet.java @@ -18,7 +18,8 @@ @Slf4j(topic = "API") public class GetDelegatedResourceAccountIndexServlet extends HttpServlet { - @Autowired private Wallet wallet; + @Autowired + private Wallet wallet; protected void doGet(HttpServletRequest request, HttpServletResponse response) { try { @@ -45,6 +46,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(input, build); DelegatedResourceAccountIndex reply = diff --git a/src/main/java/org/tron/core/services/http/GetDelegatedResourceServlet.java b/src/main/java/org/tron/core/services/http/GetDelegatedResourceServlet.java index ce7afba8be5..36bdb380585 100644 --- a/src/main/java/org/tron/core/services/http/GetDelegatedResourceServlet.java +++ b/src/main/java/org/tron/core/services/http/GetDelegatedResourceServlet.java @@ -18,7 +18,8 @@ @Slf4j(topic = "API") public class GetDelegatedResourceServlet extends HttpServlet { - @Autowired private Wallet wallet; + @Autowired + private Wallet wallet; protected void doGet(HttpServletRequest request, HttpServletResponse response) { try { @@ -48,6 +49,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines().collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); DelegatedResourceMessage.Builder build = DelegatedResourceMessage.newBuilder(); JsonFormat.merge(input, build); DelegatedResourceList reply = diff --git a/src/main/java/org/tron/core/services/http/GetExchangeByIdServlet.java b/src/main/java/org/tron/core/services/http/GetExchangeByIdServlet.java index 6532214fc6a..cb3d7535233 100644 --- a/src/main/java/org/tron/core/services/http/GetExchangeByIdServlet.java +++ b/src/main/java/org/tron/core/services/http/GetExchangeByIdServlet.java @@ -25,6 +25,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); JSONObject jsonObject = JSONObject.parseObject(input); long id = jsonObject.getLong("id"); response.getWriter() diff --git a/src/main/java/org/tron/core/services/http/GetPaginatedAssetIssueListServlet.java b/src/main/java/org/tron/core/services/http/GetPaginatedAssetIssueListServlet.java index 84ca6b1e232..c78ff7aa597 100644 --- a/src/main/java/org/tron/core/services/http/GetPaginatedAssetIssueListServlet.java +++ b/src/main/java/org/tron/core/services/http/GetPaginatedAssetIssueListServlet.java @@ -28,6 +28,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); PaginatedMessage.Builder build = PaginatedMessage.newBuilder(); JsonFormat.merge(input, build); AssetIssueList reply = wallet.getAssetIssueList(build.getOffset(), build.getLimit()); diff --git a/src/main/java/org/tron/core/services/http/GetPaginatedExchangeListServlet.java b/src/main/java/org/tron/core/services/http/GetPaginatedExchangeListServlet.java index a80d3f64551..53ecf527a30 100644 --- a/src/main/java/org/tron/core/services/http/GetPaginatedExchangeListServlet.java +++ b/src/main/java/org/tron/core/services/http/GetPaginatedExchangeListServlet.java @@ -28,6 +28,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); PaginatedMessage.Builder build = PaginatedMessage.newBuilder(); JsonFormat.merge(input, build); ExchangeList reply = wallet.getPaginatedExchangeList(build.getOffset(), build.getLimit()); diff --git a/src/main/java/org/tron/core/services/http/GetPaginatedProposalListServlet.java b/src/main/java/org/tron/core/services/http/GetPaginatedProposalListServlet.java index 33313197e68..113f42d765c 100644 --- a/src/main/java/org/tron/core/services/http/GetPaginatedProposalListServlet.java +++ b/src/main/java/org/tron/core/services/http/GetPaginatedProposalListServlet.java @@ -28,6 +28,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); PaginatedMessage.Builder build = PaginatedMessage.newBuilder(); JsonFormat.merge(input, build); ProposalList reply = wallet.getPaginatedProposalList(build.getOffset(), build.getLimit()); diff --git a/src/main/java/org/tron/core/services/http/GetProposalByIdServlet.java b/src/main/java/org/tron/core/services/http/GetProposalByIdServlet.java index f8e87acbe28..27167ef22f1 100644 --- a/src/main/java/org/tron/core/services/http/GetProposalByIdServlet.java +++ b/src/main/java/org/tron/core/services/http/GetProposalByIdServlet.java @@ -45,6 +45,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); JSONObject jsonObject = JSONObject.parseObject(input); long id = jsonObject.getLong("id"); Proposal reply = wallet.getProposalById(ByteString.copyFrom(ByteArray.fromLong(id))); diff --git a/src/main/java/org/tron/core/services/http/GetTransactionApprovedListServlet.java b/src/main/java/org/tron/core/services/http/GetTransactionApprovedListServlet.java index c3f90d6bd53..aba6297d77a 100644 --- a/src/main/java/org/tron/core/services/http/GetTransactionApprovedListServlet.java +++ b/src/main/java/org/tron/core/services/http/GetTransactionApprovedListServlet.java @@ -28,6 +28,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); Transaction transaction = Util.packTransaction(input); TransactionApprovedList reply = wallet.getTransactionApprovedList(transaction); if (reply != null) { diff --git a/src/main/java/org/tron/core/services/http/GetTransactionByIdServlet.java b/src/main/java/org/tron/core/services/http/GetTransactionByIdServlet.java index fd93f1506cf..1a1c688b96b 100644 --- a/src/main/java/org/tron/core/services/http/GetTransactionByIdServlet.java +++ b/src/main/java/org/tron/core/services/http/GetTransactionByIdServlet.java @@ -45,6 +45,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(input, build); Transaction reply = wallet.getTransactionById(build.getValue()); diff --git a/src/main/java/org/tron/core/services/http/GetTransactionCountByBlockNumServlet.java b/src/main/java/org/tron/core/services/http/GetTransactionCountByBlockNumServlet.java index 8884a9e0e13..ae5e3db8d10 100644 --- a/src/main/java/org/tron/core/services/http/GetTransactionCountByBlockNumServlet.java +++ b/src/main/java/org/tron/core/services/http/GetTransactionCountByBlockNumServlet.java @@ -22,7 +22,7 @@ protected void doGet(HttpServletRequest request, HttpServletResponse response) { try { long num = Long.parseLong(request.getParameter("num")); long count = wallet.getTransactionCountByBlockNum(num); - response.getWriter().println("{\"count\": "+ count + "}"); + response.getWriter().println("{\"count\": " + count + "}"); } catch (Exception e) { logger.debug("Exception: {}", e.getMessage()); try { @@ -37,10 +37,11 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); NumberMessage.Builder build = NumberMessage.newBuilder(); JsonFormat.merge(input, build); long count = wallet.getTransactionCountByBlockNum(build.getNum()); - response.getWriter().println("{\"count\": "+ count + "}"); + response.getWriter().println("{\"count\": " + count + "}"); } catch (Exception e) { logger.debug("Exception: {}", e.getMessage()); try { diff --git a/src/main/java/org/tron/core/services/http/GetTransactionInfoByIdServlet.java b/src/main/java/org/tron/core/services/http/GetTransactionInfoByIdServlet.java index 27a353e200e..8148e0cc068 100644 --- a/src/main/java/org/tron/core/services/http/GetTransactionInfoByIdServlet.java +++ b/src/main/java/org/tron/core/services/http/GetTransactionInfoByIdServlet.java @@ -45,6 +45,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(input, build); TransactionInfo reply = wallet.getTransactionInfoById(build.getValue()); diff --git a/src/main/java/org/tron/core/services/http/GetTransactionSignWeightServlet.java b/src/main/java/org/tron/core/services/http/GetTransactionSignWeightServlet.java index ca6aeeb9fd8..80ae69f7960 100644 --- a/src/main/java/org/tron/core/services/http/GetTransactionSignWeightServlet.java +++ b/src/main/java/org/tron/core/services/http/GetTransactionSignWeightServlet.java @@ -28,6 +28,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); Transaction transaction = Util.packTransaction(input); TransactionSignWeight reply = wallet.getTransactionSignWeight(transaction); if (reply != null) { diff --git a/src/main/java/org/tron/core/services/http/ParticipateAssetIssueServlet.java b/src/main/java/org/tron/core/services/http/ParticipateAssetIssueServlet.java index f5af8e9e04c..58b973b6539 100644 --- a/src/main/java/org/tron/core/services/http/ParticipateAssetIssueServlet.java +++ b/src/main/java/org/tron/core/services/http/ParticipateAssetIssueServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); ParticipateAssetIssueContract.Builder build = ParticipateAssetIssueContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/ProposalApproveServlet.java b/src/main/java/org/tron/core/services/http/ProposalApproveServlet.java index ce8102b0d43..9d37208519c 100644 --- a/src/main/java/org/tron/core/services/http/ProposalApproveServlet.java +++ b/src/main/java/org/tron/core/services/http/ProposalApproveServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); ProposalApproveContract.Builder build = ProposalApproveContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/ProposalCreateServlet.java b/src/main/java/org/tron/core/services/http/ProposalCreateServlet.java index 44281d68c46..3214c8c7670 100644 --- a/src/main/java/org/tron/core/services/http/ProposalCreateServlet.java +++ b/src/main/java/org/tron/core/services/http/ProposalCreateServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); ProposalCreateContract.Builder build = ProposalCreateContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/ProposalDeleteServlet.java b/src/main/java/org/tron/core/services/http/ProposalDeleteServlet.java index ca02f981de5..f94f59ce52a 100644 --- a/src/main/java/org/tron/core/services/http/ProposalDeleteServlet.java +++ b/src/main/java/org/tron/core/services/http/ProposalDeleteServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); ProposalDeleteContract.Builder build = ProposalDeleteContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/TransactionSignServlet.java b/src/main/java/org/tron/core/services/http/TransactionSignServlet.java index 9a06a80c26f..68ef640b944 100644 --- a/src/main/java/org/tron/core/services/http/TransactionSignServlet.java +++ b/src/main/java/org/tron/core/services/http/TransactionSignServlet.java @@ -30,6 +30,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); JSONObject input = JSONObject.parseObject(contract); String strTransaction = input.getJSONObject("transaction").toJSONString(); Transaction transaction = Util.packTransaction(strTransaction); diff --git a/src/main/java/org/tron/core/services/http/TransferAssetServlet.java b/src/main/java/org/tron/core/services/http/TransferAssetServlet.java index f67741ee804..a645e299472 100644 --- a/src/main/java/org/tron/core/services/http/TransferAssetServlet.java +++ b/src/main/java/org/tron/core/services/http/TransferAssetServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); TransferAssetContract.Builder build = TransferAssetContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/TransferServlet.java b/src/main/java/org/tron/core/services/http/TransferServlet.java index b152f6b4d0e..3fa5b18a933 100644 --- a/src/main/java/org/tron/core/services/http/TransferServlet.java +++ b/src/main/java/org/tron/core/services/http/TransferServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); TransferContract.Builder build = TransferContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet.createTransactionCapsule(build.build(), ContractType.TransferContract) diff --git a/src/main/java/org/tron/core/services/http/TriggerSmartContractServlet.java b/src/main/java/org/tron/core/services/http/TriggerSmartContractServlet.java index 873845edec2..9676d13953b 100644 --- a/src/main/java/org/tron/core/services/http/TriggerSmartContractServlet.java +++ b/src/main/java/org/tron/core/services/http/TriggerSmartContractServlet.java @@ -55,6 +55,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); JsonFormat.merge(contract, build); JSONObject jsonObject = JSONObject.parseObject(contract); String selector = jsonObject.getString("function_selector"); diff --git a/src/main/java/org/tron/core/services/http/UnFreezeAssetServlet.java b/src/main/java/org/tron/core/services/http/UnFreezeAssetServlet.java index 56e7e3d1a68..1fbfc9b2299 100644 --- a/src/main/java/org/tron/core/services/http/UnFreezeAssetServlet.java +++ b/src/main/java/org/tron/core/services/http/UnFreezeAssetServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); UnfreezeAssetContract.Builder build = UnfreezeAssetContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/UnFreezeBalanceServlet.java b/src/main/java/org/tron/core/services/http/UnFreezeBalanceServlet.java index 6de367fae5f..f62840cd25e 100644 --- a/src/main/java/org/tron/core/services/http/UnFreezeBalanceServlet.java +++ b/src/main/java/org/tron/core/services/http/UnFreezeBalanceServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); UnfreezeBalanceContract.Builder build = UnfreezeBalanceContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/UpdateAccountServlet.java b/src/main/java/org/tron/core/services/http/UpdateAccountServlet.java index d0a09ad13d4..08754bcd877 100644 --- a/src/main/java/org/tron/core/services/http/UpdateAccountServlet.java +++ b/src/main/java/org/tron/core/services/http/UpdateAccountServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); AccountUpdateContract.Builder build = AccountUpdateContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/UpdateAssetServlet.java b/src/main/java/org/tron/core/services/http/UpdateAssetServlet.java index 53c502b2e75..c316acba3aa 100644 --- a/src/main/java/org/tron/core/services/http/UpdateAssetServlet.java +++ b/src/main/java/org/tron/core/services/http/UpdateAssetServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); UpdateAssetContract.Builder build = UpdateAssetContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/UpdateEnergyLimitServlet.java b/src/main/java/org/tron/core/services/http/UpdateEnergyLimitServlet.java index 3cbc3cee07a..d34d15e04d6 100644 --- a/src/main/java/org/tron/core/services/http/UpdateEnergyLimitServlet.java +++ b/src/main/java/org/tron/core/services/http/UpdateEnergyLimitServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); UpdateEnergyLimitContract.Builder build = UpdateEnergyLimitContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/UpdateSettingServlet.java b/src/main/java/org/tron/core/services/http/UpdateSettingServlet.java index f2db90a6e97..bf1a613dc2a 100644 --- a/src/main/java/org/tron/core/services/http/UpdateSettingServlet.java +++ b/src/main/java/org/tron/core/services/http/UpdateSettingServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); UpdateSettingContract.Builder build = UpdateSettingContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/UpdateWitnessServlet.java b/src/main/java/org/tron/core/services/http/UpdateWitnessServlet.java index faa4a770b09..a5a9e80bb29 100644 --- a/src/main/java/org/tron/core/services/http/UpdateWitnessServlet.java +++ b/src/main/java/org/tron/core/services/http/UpdateWitnessServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); WitnessUpdateContract.Builder build = WitnessUpdateContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/ValidateAddressServlet.java b/src/main/java/org/tron/core/services/http/ValidateAddressServlet.java index f7490bd7d32..55f24a40187 100644 --- a/src/main/java/org/tron/core/services/http/ValidateAddressServlet.java +++ b/src/main/java/org/tron/core/services/http/ValidateAddressServlet.java @@ -71,10 +71,11 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); JSONObject jsonAddress = JSON.parseObject(input); response.getWriter().println(validAddress(jsonAddress.getString("address"))); - } catch (IOException e) { - logger.debug("IOException: {}", e.getMessage()); + } catch (Exception e) { + logger.debug("Exception: {}", e.getMessage()); } } } \ No newline at end of file diff --git a/src/main/java/org/tron/core/services/http/VoteWitnessAccountServlet.java b/src/main/java/org/tron/core/services/http/VoteWitnessAccountServlet.java index 72886b24d9d..c6600fdb911 100644 --- a/src/main/java/org/tron/core/services/http/VoteWitnessAccountServlet.java +++ b/src/main/java/org/tron/core/services/http/VoteWitnessAccountServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); VoteWitnessContract.Builder build = VoteWitnessContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/WithdrawBalanceServlet.java b/src/main/java/org/tron/core/services/http/WithdrawBalanceServlet.java index cd582db7ac1..46006796cee 100644 --- a/src/main/java/org/tron/core/services/http/WithdrawBalanceServlet.java +++ b/src/main/java/org/tron/core/services/http/WithdrawBalanceServlet.java @@ -29,6 +29,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String contract = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(contract); WithdrawBalanceContract.Builder build = WithdrawBalanceContract.newBuilder(); JsonFormat.merge(contract, build); Transaction tx = wallet diff --git a/src/main/java/org/tron/core/services/http/solidity/GetTransactionByIdSolidityServlet.java b/src/main/java/org/tron/core/services/http/solidity/GetTransactionByIdSolidityServlet.java index fd1f58a92dd..bc4915f7c60 100644 --- a/src/main/java/org/tron/core/services/http/solidity/GetTransactionByIdSolidityServlet.java +++ b/src/main/java/org/tron/core/services/http/solidity/GetTransactionByIdSolidityServlet.java @@ -12,7 +12,6 @@ import org.tron.api.GrpcAPI.BytesMessage; import org.tron.common.utils.ByteArray; import org.tron.core.Wallet; -import org.tron.core.WalletSolidity; import org.tron.core.services.http.JsonFormat; import org.tron.core.services.http.Util; import org.tron.protos.Protocol.Transaction; @@ -48,6 +47,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(input, build); Transaction reply = wallet.getTransactionById(build.build().getValue()); diff --git a/src/main/java/org/tron/core/services/http/solidity/GetTransactionInfoByIdSolidityServlet.java b/src/main/java/org/tron/core/services/http/solidity/GetTransactionInfoByIdSolidityServlet.java index 3dc4ce139c2..d0cd7b743e3 100644 --- a/src/main/java/org/tron/core/services/http/solidity/GetTransactionInfoByIdSolidityServlet.java +++ b/src/main/java/org/tron/core/services/http/solidity/GetTransactionInfoByIdSolidityServlet.java @@ -12,8 +12,8 @@ import org.tron.api.GrpcAPI.BytesMessage; import org.tron.common.utils.ByteArray; import org.tron.core.Wallet; -import org.tron.core.WalletSolidity; import org.tron.core.services.http.JsonFormat; +import org.tron.core.services.http.Util; import org.tron.protos.Protocol.TransactionInfo; @@ -50,6 +50,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String input = request.getReader().lines() .collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); BytesMessage.Builder build = BytesMessage.newBuilder(); JsonFormat.merge(input, build); TransactionInfo transInfo = wallet.getTransactionInfoById(build.build().getValue()); diff --git a/src/main/java/org/tron/core/services/http/solidity/GetTransactionsFromThisServlet.java b/src/main/java/org/tron/core/services/http/solidity/GetTransactionsFromThisServlet.java index 8ed9d8e49a6..0bec27ff854 100644 --- a/src/main/java/org/tron/core/services/http/solidity/GetTransactionsFromThisServlet.java +++ b/src/main/java/org/tron/core/services/http/solidity/GetTransactionsFromThisServlet.java @@ -26,6 +26,7 @@ public class GetTransactionsFromThisServlet extends HttpServlet { protected void doPost(HttpServletRequest req, HttpServletResponse resp) { try { String input = req.getReader().lines().collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); AccountPaginated.Builder builder = AccountPaginated.newBuilder(); JsonFormat.merge(input, builder); AccountPaginated accountPaginated = builder.build(); diff --git a/src/main/java/org/tron/core/services/http/solidity/GetTransactionsToThisServlet.java b/src/main/java/org/tron/core/services/http/solidity/GetTransactionsToThisServlet.java index 859501cfd50..84523098dc1 100644 --- a/src/main/java/org/tron/core/services/http/solidity/GetTransactionsToThisServlet.java +++ b/src/main/java/org/tron/core/services/http/solidity/GetTransactionsToThisServlet.java @@ -26,6 +26,7 @@ public class GetTransactionsToThisServlet extends HttpServlet { protected void doPost(HttpServletRequest req, HttpServletResponse resp) { try { String input = req.getReader().lines().collect(Collectors.joining(System.lineSeparator())); + Util.checkBodySize(input); AccountPaginated.Builder builder = AccountPaginated.newBuilder(); JsonFormat.merge(input, builder); AccountPaginated accountPaginated = builder.build();