如何限制从Socket通过ObjectInputStream读取的最大大小? [英] How to limit the maximum size read via ObjectInputStream from a Socket?
问题描述
有没有办法限制从java中的ObjectInputStream读取的最大缓冲区大小?
Is there a way to limit the maximum buffer size to be read from an ObjectInputStream in java?
如果它变得清楚,那么我想停止反序列化有问题的是恶意巨大的。
I want to stop the deserialization if it becomes clear that the Object in question is crafted maliciously huge.
当然,有ObjectInputStream.read(byte [] buf,int off,int len),但我不想受苦分配的性能损失,比如字节[1000000]。
Of course, there is ObjectInputStream.read(byte[] buf, int off, int len), but I do not want to suffer the performance penalty of allocating, say byte[1000000].
我在这里遗漏了什么吗?
Am I missing something here?
推荐答案
你写了一个 FilterInputStream
如果发现它已经从其基础流中读取了超过一定数量的数据,则会抛出异常。
You write a FilterInputStream
which will throw an exception if it discovers it has read more than a certain amount of data from its underlying stream.
这篇关于如何限制从Socket通过ObjectInputStream读取的最大大小?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!