0

我在这里得到了 2 个简单的代码:

服务器:

package myserver;

import java.io.*;
import java.net.*;

class MyServer {

public static void main(String argv[]) throws Exception {
    String clientSentence;
    String capitalizedSentence;
    ServerSocket welcomeSocket = new ServerSocket(6789);
    while (true) {
        Socket connectionSocket = welcomeSocket.accept();
        BufferedReader inFromClient = new BufferedReader(new InputStreamReader(connectionSocket.getInputStream()));
        DataOutputStream outToClient = new DataOutputStream(connectionSocket.getOutputStream());
        clientSentence = inFromClient.readLine();
        System.out.println("Received: " + clientSentence);
        capitalizedSentence = clientSentence.toUpperCase() + '\n';
        outToClient.writeBytes(capitalizedSentence);
    }
    }
}

客户:

package myclient;

import java.lang.*;
import java.io.*;
import java.net.*;
import java.util.Scanner;

class MyClient {

public static void main(String argv[]) throws Exception {
    String sentence;
    String modifiedSentence;
    BufferedReader inFromUser = new BufferedReader(new InputStreamReader(System.in));
    Socket clientSocket = new Socket("localhost", 6789);
    DataOutputStream outToServer = new DataOutputStream(clientSocket.getOutputStream());
    BufferedReader inFromServer = new BufferedReader(new InputStreamReader(clientSocket.getInputStream()));
    sentence = inFromUser.readLine();
    outToServer.writeBytes(sentence + '\n');
    modifiedSentence = inFromServer.readLine();
    System.out.println("FROM SERVER: " + modifiedSentence);
    clientSocket.close();
}
}

现在....如果我向公众开放这台服务器,发送修改后的包并进入系统是否有任何安全风险?(服务器正在使用一些 Linux dist。)还是只能发送简单的字符串?

4

2 回答 2

0

这段代码只会读取一个字节序列并将它们打印出来(并发送响应)。据我所知,这是完全没有风险的。

于 2013-10-20T21:38:09.250 回答
0

有人可以通过发送大量没有换行符的数据来使 Java 进程崩溃。根据您为 JVM 提供的内存量,这可能会影响运行程序的服务器。

于 2013-10-20T23:24:32.360 回答