From e13091137120bcf85df32e5f740452901b745a07 Mon Sep 17 00:00:00 2001
From: kishan <kishan@cloud.com>
Date: Mon, 24 Oct 2011 18:01:57 +0530
Subject: [PATCH] bug 4844: Do not allow param values to be greater than length
 256 status 4844: resolved fixed

---
 server/src/com/cloud/api/ApiDispatcher.java | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/server/src/com/cloud/api/ApiDispatcher.java b/server/src/com/cloud/api/ApiDispatcher.java
index a3f455d8d37..845c3158aee 100755
--- a/server/src/com/cloud/api/ApiDispatcher.java
+++ b/server/src/com/cloud/api/ApiDispatcher.java
@@ -217,6 +217,9 @@ public class ApiDispatcher {
                     s_logger.debug("Invalid date parameter " + paramObj + " passed to command " + cmd.getCommandName().substring(0, cmd.getCommandName().length()-8));
                 }
                 throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to parse date " + paramObj + " for command " + cmd.getCommandName().substring(0, cmd.getCommandName().length()-8) + ", please pass dates in the format mentioned in the api documentation");
+            } catch (InvalidParameterValueException invEx){
+            	throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to execute API command " + cmd.getCommandName().substring(0, cmd.getCommandName().length()-8) + " due to invalid value " + paramObj + " for parameter "
+                        + parameterAnnotation.name());
             } catch (CloudRuntimeException cloudEx) {
                 // FIXME: Better error message? This only happens if the API command is not executable, which typically means
                 // there was
@@ -300,6 +303,10 @@ public class ApiDispatcher {
                 field.set(cmdObj, Short.valueOf(paramObj.toString()));
                 break;
             case STRING:
+            	if((paramObj != null) && paramObj.toString().length() > 256){
+            		s_logger.error("Value greater than max allowed length 256 for param: "+field.getName()+" Command: "+cmdObj.getCommandName().substring(0, cmdObj.getCommandName().length()-8));
+            		throw new InvalidParameterValueException("Value greater than max allowed length 256 for param: "+field.getName()+" Command: "+cmdObj.getCommandName().substring(0, cmdObj.getCommandName().length()-8));
+            	}
                 field.set(cmdObj, paramObj.toString());
                 break;
             case TZDATE: