如何限制从Socket通过ObjectInputStream读取的最大大小？ [英] How to limit the maximum size read via ObjectInputStream from a Socket?

问题描述

有没有办法限制从java中的ObjectInputStream读取的最大缓冲区大小？

Is there a way to limit the maximum buffer size to be read from an ObjectInputStream in java?

如果它变得清楚，那么我想停止反序列化有问题的是恶意巨大的。

I want to stop the deserialization if it becomes clear that the Object in question is crafted maliciously huge.

当然，有ObjectInputStream.read（byte [] buf，int off，int len），但我不想受苦分配的性能损失，比如字节[1000000]。

Of course, there is ObjectInputStream.read(byte[] buf, int off, int len), but I do not want to suffer the performance penalty of allocating, say byte[1000000].

我在这里遗漏了什么吗？

Am I missing something here?

推荐答案

你写了一个 FilterInputStream 如果发现它已经从其基础流中读取了超过一定数量的数据，则会抛出异常。

You write a FilterInputStream which will throw an exception if it discovers it has read more than a certain amount of data from its underlying stream.

这篇关于如何限制从Socket通过ObjectInputStream读取的最大大小？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！