[QFJ-278] method extractField(Group group, DataDictionary dataDictionary, FieldMap fields) don't check The length of "sohOffset" Created: 24/Dec/07  Updated: 01/Feb/08

Status: Open
Project: QuickFIX/J
Component/s: Engine
Affects Version/s: 1.2.1
Fix Version/s: Future Releases

Type: Bug Priority: Default
Reporter: CaiQi Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None


 Description   

In the class Message, method extractField(Group group, DataDictionary dataDictionary, FieldMap fields): The length of "sohOffset" is not checked. This will bring about full range of the message received as Message string out of range.

For all the field, if it is dataField, its length must be calculated by the former Field(Except for Tag 89/93). Because the data may contain a SOH.
For example, field 355 is dataField. Its length is in Field 354.
We must check the offset of the dataField is shorter than length of the message, and the offset's next char is SOH.

Add this code into Message.extractField():

//Judge if sohOffset's next char is '\001'.
if(messageData.indexOf('\001', sohOffset) != sohOffset)
throw new InvalidMessage("Wrong length of data field.");
//Judge if sohOffset is shorter than fields.
if(sohOffset > messageData.length())
throw new InvalidMessage("Wrong length of data field.");



 Comments   
Comment by CaiQi [ 24/Dec/07 ]

Initiator:send a message which is not comply with the protocol.
Acceptor:different problems occur.

For example, the dependances of fields. 354: the length of 355
354=10 355=123. The accptor will consider it that String out of range.
354=3 355=123. This is right.

Generated at Fri Mar 29 15:20:24 UTC 2024 using JIRA 7.5.2#75007-sha1:9f5725bb824792b3230a5d8716f0c13e296a3cae.