How to read a file or stream in Most Robust way using Java? | Community
Skip to main content
K
karthickv998656
August 26, 2019

How to read a file or stream in Most Robust way using Java?

  • August 26, 2019
  • 2 replies
  • 5552 views

protected void doPost(SlingHttpServletRequest req, SlingHttpServletResponse resp) throws IOException {

BufferedReader reader = req.getReader();

try{

String line = reader != null ? reader.readLine() : null;

}finally{

reader.close();

}

The above code went for a review with the Security team and the following comments were received:

  1. BufferedReader.readLine is susceptible to DOS (Denial of Service) attacks (line of infinite length, huge file containing no line feed/carriage return)
  2. Resource exhaustion for the StringBuilder variable (cases when a file containing data greater than the available memory).

How to resolve the above issue?

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

2 replies

rampai
Community Advisor
rampaiCommunity Advisor
Community Advisor
August 26, 2019

Hi karthickv99865601​,

Can you please check if this is of any help since this query is not AEM specific?

The suggestion is to leverage StringBuffer to split the stream and read it in chunks rather than one whole stream.

https://stackoverflow.com/questions/17084657/most-robust-way-of-reading-a-file-or-stream-using-java-to-prevent-dos-attac…

Regards,

Ram

K
karthickv998656Author
August 26, 2019

Hi rampai,

I have tried that too, but its throwing error.

Terms & ConditionsAccessibility statement

Loading footer...