Moderate severityNVD Advisory· Published May 7, 2025· Updated Nov 3, 2025

Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation

CVE-2025-27533

Description

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ.

During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on the availability of the ActiveMQ broker when not using mutual TLS connections. This issue affects Apache ActiveMQ: from 6.0.0 before 6.1.6, from 5.18.0 before 5.18.7, from 5.17.0 before 5.17.7, before 5.16.8. ActiveMQ 5.19.0 is not affected.

Users are recommended to upgrade to version 6.1.6+, 5.19.0+, 5.18.7+, 5.17.7, or 5.16.8 or which fixes the issue.

Existing users may implement mutual TLS to mitigate the risk on affected brokers.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Apache ActiveMQ OpenWire unmarshalling fails to validate buffer size values, allowing remote unauthenticated attackers to cause a denial of service via excessive memory allocation unless mutual TLS is used.

Vulnerability

Description

CVE-2025-27533 is a denial of service vulnerability in Apache ActiveMQ's handling of OpenWire commands. During the unmarshalling process, the size field of buffers is not properly validated, allowing a remote attacker to send a specially crafted message that causes the broker to allocate an excessive amount of memory [1][2]. This can lead to an OutOfMemoryError, crashing the broker and affecting all applications and services that depend on it.

Attack

Vector and Exploitation

The vulnerability is present in the OpenWire format implementation, specifically in methods like looseUnmarshalByteSequence used during unmarshalling. Even when a maxFrameSize limit is configured, the check is applied too early; the actual allocation uses a size value read later in the processing, which can be much larger [3]. An attacker can exploit this by sending a malicious OpenWire command to the broker's TCP port. No authentication is required unless the broker enforces it; the official advisory notes that brokers not using mutual TLS connections are especially at risk [2].

Impact

Successful exploitation results in a denial of service: the broker exhausts available process memory and crashes, becoming unavailable. Depending on the deployment, this could disrupt messaging between clients, break integrations, or require manual intervention to restart the broker. The vulnerability is classified as a high-severity issue (CVSS score not yet finalized but described as high impact on availability).

Mitigation

Apache has released patched versions: ActiveMQ 6.1.6, 5.19.0, 5.18.7, 5.17.7, and 5.16.8 fix the improper validation [1][2]. Users unable to upgrade immediately can mitigate the risk by enabling mutual TLS between clients and the broker, which prevents unauthenticated attackers from sending malicious OpenWire frames [2]. No workaround is available for installations that have not upgraded and do not use mTLS.

References

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
org.apache.activemq:activemq-openwire-legacyMaven	< 5.16.8	5.16.8
org.apache.activemq:activemq-clientMaven	< 5.16.8	5.16.8
org.apache.activemq:activemq-openwire-legacyMaven	>= 5.17.0, < 5.17.7	5.17.7
org.apache.activemq:activemq-openwire-legacyMaven	>= 5.18.0, < 5.18.7	5.18.7
org.apache.activemq:activemq-openwire-legacyMaven	>= 6.0.0, < 6.1.6	6.1.6
org.apache.activemq:activemq-clientMaven	>= 5.17.0, < 5.17.7	5.17.7
org.apache.activemq:activemq-clientMaven	>= 5.18.0, < 5.18.7	5.18.7
org.apache.activemq:activemq-clientMaven	>= 6.0.0, < 6.1.6	6.1.6

Affected products

Apache/Activemqllm-fuzzy
Range: >=5.16.0 <5.16.8 || >=5.17.0 <5.17.7 || >=5.18.0 <5.18.7 || >=6.0.0 <6.1.6
osv-coords9 versions
pkg:apk/chainguard/zipkin pkg:apk/chainguard/zipkin-oci-entrypoint pkg:apk/chainguard/zipkin-slim pkg:apk/wolfi/zipkin pkg:apk/wolfi/zipkin-oci-entrypoint pkg:apk/wolfi/zipkin-slim pkg:bitnami/activemq pkg:maven/org.apache.activemq/activemq-client pkg:maven/org.apache.activemq/activemq-openwire-legacy
< 3.5.1-r1+ 8 more
- (no CPE)range: < 3.5.1-r1
- (no CPE)range: < 3.5.1-r1
- (no CPE)range: < 3.5.1-r1
- (no CPE)range: < 3.5.1-r1
- (no CPE)range: < 3.5.1-r1
- (no CPE)range: < 3.5.1-r1
- (no CPE)range: >= 5.16.0, < 5.16.8
- (no CPE)range: < 5.16.8
- (no CPE)range: < 5.16.8
Apache Software Foundation/Apache ActiveMQv5
Range: 6.0.0

Patches

fc4372b9f0f7

Merge pull request #1399 from cshannon/buffer-validation

https://github.com/apache/activemqChristopher L. ShannonFeb 25, 2025via ghsa

commit

74 files changed · +796 −259

activemq-client/pom.xml+5 −0 modified

@@ -79,6 +79,11 @@
       <artifactId>log4j-slf4j2-impl</artifactId>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.javassist</groupId>
+      <artifactId>javassist</artifactId>
+      <scope>test</scope>
+    </dependency>
 
   </dependencies>

activemq-client/src/main/java/org/apache/activemq/openwire/OpenWireFormat.java+85 −33 modified

@@ -48,7 +48,7 @@ public final class OpenWireFormat implements WireFormat {
     private static final int MARSHAL_CACHE_SIZE = Short.MAX_VALUE / 2;
     private static final int MARSHAL_CACHE_FREE_SPACE = 100;
 
-    private DataStreamMarshaller dataMarshallers[];
+    private DataStreamMarshaller[] dataMarshallers;
     private int version;
     private boolean stackTraceEnabled;
     private boolean tcpNoDelayEnabled;
@@ -61,13 +61,22 @@ public final class OpenWireFormat implements WireFormat {
     // The following fields are used for value caching
     private short nextMarshallCacheIndex;
     private short nextMarshallCacheEvictionIndex;
-    private Map<DataStructure, Short> marshallCacheMap = new HashMap<DataStructure, Short>();
+    private Map<DataStructure, Short> marshallCacheMap = new HashMap<>();
     private DataStructure marshallCache[] = null;
     private DataStructure unmarshallCache[] = null;
-    private DataByteArrayOutputStream bytesOut = new DataByteArrayOutputStream();
-    private DataByteArrayInputStream bytesIn = new DataByteArrayInputStream();
+    private final DataByteArrayOutputStream bytesOut = new DataByteArrayOutputStream();
+    private final DataByteArrayInputStream bytesIn = new DataByteArrayInputStream();
     private WireFormatInfo preferedWireFormatInfo;
 
+    // Used to track the currentFrameSize for validation during unmarshalling
+    // Ideally we would pass the MarshallingContext directly to the marshalling methods,
+    // however this would require modifying the DataStreamMarshaller interface which would result
+    // in hundreds of existing methods having to be updated so this allows avoiding that and
+    // tracking the state without breaking the existing API.
+    // Note that while this is currently only used during unmarshalling, but if necessary could
+    // be extended in the future to be used during marshalling as well.
+    private final ThreadLocal<MarshallingContext> marshallingContext = new ThreadLocal<>();
+
     public OpenWireFormat() {
         this(DEFAULT_STORE_VERSION);
     }
@@ -191,26 +200,23 @@ public synchronized ByteSequence marshal(Object command) throws IOException {
     @Override
     public synchronized Object unmarshal(ByteSequence sequence) throws IOException {
         bytesIn.restart(sequence);
-        // DataInputStream dis = new DataInputStream(new
-        // ByteArrayInputStream(sequence));
-
-        if (!sizePrefixDisabled) {
-            int size = bytesIn.readInt();
-            if (sequence.getLength() - 4 != size) {
-                // throw new IOException("Packet size does not match marshaled
-                // size");
-            }
 
-            if (maxFrameSizeEnabled && size > maxFrameSize) {
-                throw IOExceptionSupport.createFrameSizeException(size, maxFrameSize);
+        try {
+            final var context = new MarshallingContext();
+            marshallingContext.set(context);
+
+            if (!sizePrefixDisabled) {
+                int size = bytesIn.readInt();
+                if (maxFrameSizeEnabled && size > maxFrameSize) {
+                    throw IOExceptionSupport.createFrameSizeException(size, maxFrameSize);
+                }
+                context.setFrameSize(size);
             }
+            return doUnmarshal(bytesIn);
+        } finally {
+            // After we unmarshal we can clear the context
+            marshallingContext.remove();
         }
-
-        Object command = doUnmarshal(bytesIn);
-        // if( !cacheEnabled && ((DataStructure)command).isMarshallAware() ) {
-        // ((MarshallAware) command).setCachedMarshalledForm(this, sequence);
-        // }
-        return command;
     }
 
     @Override
@@ -275,19 +281,22 @@ public synchronized void marshal(Object o, DataOutput dataOut) throws IOExceptio
 
     @Override
     public Object unmarshal(DataInput dis) throws IOException {
-        DataInput dataIn = dis;
-        if (!sizePrefixDisabled) {
-            int size = dis.readInt();
-            if (maxFrameSizeEnabled && size > maxFrameSize) {
-                throw IOExceptionSupport.createFrameSizeException(size, maxFrameSize);
+        try {
+            final var context = new MarshallingContext();
+            marshallingContext.set(context);
+
+          if (!sizePrefixDisabled) {
+                int size = dis.readInt();
+                if (maxFrameSizeEnabled && size > maxFrameSize) {
+                    throw IOExceptionSupport.createFrameSizeException(size, maxFrameSize);
+                }
+                context.setFrameSize(size);
             }
-            // int size = dis.readInt();
-            // byte[] data = new byte[size];
-            // dis.readFully(data);
-            // bytesIn.restart(data);
-            // dataIn = bytesIn;
+            return doUnmarshal(dis);
+        } finally {
+            // After we unmarshal we can clear
+            marshallingContext.remove();
         }
-        return doUnmarshal(dataIn);
     }
 
     /**
@@ -363,7 +372,7 @@ public void setVersion(int version) {
         this.version = version;
     }
 
-    public Object doUnmarshal(DataInput dis) throws IOException {
+    private Object doUnmarshal(DataInput dis) throws IOException {
         byte dataType = dis.readByte();
         if (dataType != NULL_TYPE) {
             DataStreamMarshaller dsm = dataMarshallers[dataType & 0xFF];
@@ -698,4 +707,47 @@ protected long min(long version1, long version2) {
         }
         return version2;
     }
+
+    MarshallingContext getMarshallingContext() {
+        return marshallingContext.get();
+    }
+
+    // Used to track the estimated allocated buffer sizes to validate
+    // against the current frame being processed
+    static class MarshallingContext {
+        // Use primitives to minimize memory footprint
+        private int frameSize = -1;
+        private int estimatedAllocated = 0;
+
+        void setFrameSize(int frameSize) throws IOException {
+            this.frameSize = frameSize;
+            if (frameSize < 0) {
+                throw error("Frame size " + frameSize + " can't be negative.");
+            }
+        }
+
+        void increment(int size) throws IOException {
+            if (size < 0) {
+                throw error("Size " + size + " can't be negative.");
+            }
+            try {
+                estimatedAllocated = Math.addExact(estimatedAllocated, size);
+            } catch (ArithmeticException e) {
+                throw error("Buffer overflow when incrementing size value: " + size);
+            }
+        }
+
+        public int getFrameSize() {
+            return frameSize;
+        }
+
+        public int getEstimatedAllocated() {
+            return estimatedAllocated;
+        }
+
+        private static IOException error(String errorMessage) {
+            return new IOException(new IllegalArgumentException(errorMessage));
+        }
+    }
+
 }

activemq-client/src/main/java/org/apache/activemq/openwire/OpenWireUtil.java+49 −2 modified

@@ -16,10 +16,13 @@
  */
 package org.apache.activemq.openwire;
 
+import java.io.IOException;
+import org.apache.activemq.util.IOExceptionSupport;
+
 public class OpenWireUtil {
 
-    private static final String jmsPackageToReplace = "javax.jms";
-    private static final String jmsPackageToUse = "jakarta.jms";
+    static final String jmsPackageToReplace = "javax.jms";
+    static final String jmsPackageToUse = "jakarta.jms";
 
     /**
      * Verify that the provided class extends {@link Throwable} and throw an
@@ -33,6 +36,50 @@ public static void validateIsThrowable(Class<?> clazz) {
         }
     }
 
+    /**
+     * Verify that the buffer size that will be allocated will not push the total allocated
+     * size of this frame above the expected frame size. This is an estimate as the current
+     * size is only tracked when calls to this method are made and is primarily intended
+     * to prevent large arrays from being created due to an invalid size.
+     *
+     * Also verify the size against configured max frame size.
+     * This check is a sanity check in case of corrupt packets contain invalid size values.
+     *
+     * @param wireFormat configured OpenWireFormat
+     * @param size buffer size to verify
+     * @throws IOException If size is larger than currentFrameSize or maxFrameSize
+     */
+    public static void validateBufferSize(OpenWireFormat wireFormat, int size) throws IOException {
+        validateLessThanFrameSize(wireFormat, size);
+
+        // if currentFrameSize is set and was checked above then this check should not be needed,
+        // but it doesn't hurt to verify again in case the max frame size check was missed
+        // somehow
+        if (wireFormat.isMaxFrameSizeEnabled() && size > wireFormat.getMaxFrameSize()) {
+            throw IOExceptionSupport.createFrameSizeException(size,  wireFormat.getMaxFrameSize());
+        }
+    }
+
+    // Verify total tracked sizes will not exceed the overall size of the frame
+    private static void validateLessThanFrameSize(OpenWireFormat wireFormat, int size)
+        throws IOException {
+        final var context = wireFormat.getMarshallingContext();
+        // No information on current frame size so just return
+        if (context == null || context.getFrameSize() < 0) {
+            return;
+        }
+
+        // Increment existing estimated buffer size with new size
+        context.increment(size);
+
+        // We should never be trying to allocate a buffer that is going to push the total
+        // size greater than the entire frame itself
+        if (context.getEstimatedAllocated() > context.getFrameSize()) {
+            throw IOExceptionSupport.createFrameSizeBufferException(
+                context.getEstimatedAllocated(), context.getFrameSize());
+        }
+    }
+
     /**
      * This method can be used to convert from javax -> jakarta or
      * vice versa depending on the version used by the client

activemq-client/src/main/java/org/apache/activemq/openwire/v10/BaseDataStreamMarshaller.java+8 −4 modified

@@ -410,10 +410,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -437,10 +438,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -617,10 +619,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -636,10 +639,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-client/src/main/java/org/apache/activemq/openwire/v10/ConnectionControlMarshaller.java+2 −2 modified

@@ -74,7 +74,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setConnectedBrokers(tightUnmarshalString(dataIn, bs));
         info.setReconnectTo(tightUnmarshalString(dataIn, bs));
         info.setRebalanceConnection(bs.readBoolean());
-        info.setToken(tightUnmarshalByteArray(dataIn, bs));
+        info.setToken(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -142,7 +142,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setConnectedBrokers(looseUnmarshalString(dataIn));
         info.setReconnectTo(looseUnmarshalString(dataIn));
         info.setRebalanceConnection(dataIn.readBoolean());
-        info.setToken(looseUnmarshalByteArray(dataIn));
+        info.setToken(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v10/MessageMarshaller.java+4 −4 modified

@@ -69,8 +69,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -228,8 +228,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-client/src/main/java/org/apache/activemq/openwire/v10/PartialCommandMarshaller.java+2 −2 modified

@@ -67,7 +67,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -113,7 +113,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v10/WireFormatInfoMarshaller.java+2 −2 modified

@@ -71,7 +71,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -129,7 +129,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-client/src/main/java/org/apache/activemq/openwire/v10/XATransactionIdMarshaller.java+4 −4 modified

@@ -67,8 +67,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -116,8 +116,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v11/BaseDataStreamMarshaller.java+8 −4 modified

@@ -409,10 +409,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -436,10 +437,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -616,10 +618,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -635,10 +638,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-client/src/main/java/org/apache/activemq/openwire/v11/ConnectionControlMarshaller.java+2 −2 modified

@@ -74,7 +74,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setConnectedBrokers(tightUnmarshalString(dataIn, bs));
         info.setReconnectTo(tightUnmarshalString(dataIn, bs));
         info.setRebalanceConnection(bs.readBoolean());
-        info.setToken(tightUnmarshalByteArray(dataIn, bs));
+        info.setToken(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -142,7 +142,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setConnectedBrokers(looseUnmarshalString(dataIn));
         info.setReconnectTo(looseUnmarshalString(dataIn));
         info.setRebalanceConnection(dataIn.readBoolean());
-        info.setToken(looseUnmarshalByteArray(dataIn));
+        info.setToken(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v11/MessageMarshaller.java+4 −4 modified

@@ -69,8 +69,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -228,8 +228,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-client/src/main/java/org/apache/activemq/openwire/v11/PartialCommandMarshaller.java+2 −2 modified

@@ -67,7 +67,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -113,7 +113,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v11/WireFormatInfoMarshaller.java+2 −2 modified

@@ -71,7 +71,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -129,7 +129,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-client/src/main/java/org/apache/activemq/openwire/v11/XATransactionIdMarshaller.java+4 −4 modified

@@ -67,8 +67,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -116,8 +116,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v12/BaseDataStreamMarshaller.java+8 −4 modified

@@ -412,10 +412,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -439,10 +440,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -619,10 +621,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -638,10 +641,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-client/src/main/java/org/apache/activemq/openwire/v12/ConnectionControlMarshaller.java+2 −2 modified

@@ -74,7 +74,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setConnectedBrokers(tightUnmarshalString(dataIn, bs));
         info.setReconnectTo(tightUnmarshalString(dataIn, bs));
         info.setRebalanceConnection(bs.readBoolean());
-        info.setToken(tightUnmarshalByteArray(dataIn, bs));
+        info.setToken(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -142,7 +142,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setConnectedBrokers(looseUnmarshalString(dataIn));
         info.setReconnectTo(looseUnmarshalString(dataIn));
         info.setRebalanceConnection(dataIn.readBoolean());
-        info.setToken(looseUnmarshalByteArray(dataIn));
+        info.setToken(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v12/MessageMarshaller.java+4 −4 modified

@@ -69,8 +69,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -228,8 +228,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-client/src/main/java/org/apache/activemq/openwire/v12/PartialCommandMarshaller.java+2 −2 modified

@@ -67,7 +67,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -113,7 +113,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v12/WireFormatInfoMarshaller.java+2 −2 modified

@@ -71,7 +71,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -129,7 +129,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-client/src/main/java/org/apache/activemq/openwire/v12/XATransactionIdMarshaller.java+4 −4 modified

@@ -67,8 +67,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -116,8 +116,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v1/BaseDataStreamMarshaller.java+8 −4 modified

@@ -411,10 +411,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -438,10 +439,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -618,10 +620,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -637,10 +640,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-client/src/main/java/org/apache/activemq/openwire/v1/MessageMarshaller.java+4 −4 modified

@@ -65,8 +65,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination)tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure)tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId)tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -196,8 +196,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination)looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure)looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId)looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-client/src/main/java/org/apache/activemq/openwire/v1/PartialCommandMarshaller.java+2 −2 modified

@@ -68,7 +68,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -114,7 +114,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v1/WireFormatInfoMarshaller.java+2 −2 modified

@@ -72,7 +72,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -130,7 +130,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-client/src/main/java/org/apache/activemq/openwire/v1/XATransactionIdMarshaller.java+4 −4 modified

@@ -68,8 +68,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -117,8 +117,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v9/BaseDataStreamMarshaller.java+8 −4 modified

@@ -409,10 +409,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -436,10 +437,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -616,10 +618,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -635,10 +638,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-client/src/main/java/org/apache/activemq/openwire/v9/ConnectionControlMarshaller.java+2 −2 modified

@@ -74,7 +74,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setConnectedBrokers(tightUnmarshalString(dataIn, bs));
         info.setReconnectTo(tightUnmarshalString(dataIn, bs));
         info.setRebalanceConnection(bs.readBoolean());
-        info.setToken(tightUnmarshalByteArray(dataIn, bs));
+        info.setToken(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -142,7 +142,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setConnectedBrokers(looseUnmarshalString(dataIn));
         info.setReconnectTo(looseUnmarshalString(dataIn));
         info.setRebalanceConnection(dataIn.readBoolean());
-        info.setToken(looseUnmarshalByteArray(dataIn));
+        info.setToken(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v9/MessageMarshaller.java+4 −4 modified

@@ -69,8 +69,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -225,8 +225,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-client/src/main/java/org/apache/activemq/openwire/v9/PartialCommandMarshaller.java+2 −2 modified

@@ -67,7 +67,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -113,7 +113,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/openwire/v9/WireFormatInfoMarshaller.java+2 −2 modified

@@ -71,7 +71,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -129,7 +129,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-client/src/main/java/org/apache/activemq/openwire/v9/XATransactionIdMarshaller.java+4 −4 modified

@@ -67,8 +67,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -116,8 +116,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-client/src/main/java/org/apache/activemq/util/IOExceptionSupport.java+7 −1 modified

@@ -52,7 +52,13 @@ public static IOException create(Exception cause) {
 
     public static IOException createFrameSizeException(int size, long maxSize) {
         return new MaxFrameSizeExceededException("Frame size of " + toHumanReadableSizeString(size) +
-            " larger than max allowed " + toHumanReadableSizeString(maxSize));
+            " is larger than max allowed " + toHumanReadableSizeString(maxSize));
+    }
+
+    public static IOException createFrameSizeBufferException(int bufferSize, long frameSize) {
+        return new IOException("Estimated allocated buffer size of "
+          + toHumanReadableSizeString(bufferSize) + " is larger than frame size of "
+          + toHumanReadableSizeString(frameSize));
     }
 
     private static String toHumanReadableSizeString(final int size) {

activemq-client/src/test/java/org/apache/activemq/openwire/OpenWireUtilTest.java+103 −0 added

@@ -0,0 +1,103 @@
+package org.apache.activemq.openwire;
+
+
+import jakarta.jms.InvalidClientIDException;
+import jakarta.jms.JMSException;
+import org.apache.activemq.ActiveMQConnection;
+import org.apache.activemq.MaxFrameSizeExceededException;
+import org.apache.activemq.command.WireFormatInfo;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.lang.reflect.Field;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.fail;
+
+public class OpenWireUtilTest {
+
+    @Test
+    public void testValidateIsThrowable() {
+        OpenWireUtil.validateIsThrowable(Exception.class);
+        OpenWireUtil.validateIsThrowable(Throwable.class);
+        OpenWireUtil.validateIsThrowable(JMSException.class);
+        OpenWireUtil.validateIsThrowable(InvalidClientIDException.class);
+
+        try {
+            OpenWireUtil.validateIsThrowable(String.class);
+            fail("Not a valid Throwable");
+        } catch (IllegalArgumentException e) {
+            // expected
+        }
+
+        try {
+            OpenWireUtil.validateIsThrowable(ActiveMQConnection.class);
+            fail("Not a valid Throwable");
+        } catch (IllegalArgumentException e) {
+            // expected
+        }
+    }
+
+    @Test
+    public void testConvertJmsPackage() {
+        // should not change
+        assertEquals(InvalidClientIDException.class.getName(),
+            OpenWireUtil.convertJmsPackage(InvalidClientIDException.class.getName()));
+
+        // should convert to correct exception type
+        assertEquals(InvalidClientIDException.class.getName(),
+            OpenWireUtil.convertJmsPackage(OpenWireUtil.jmsPackageToReplace + ".InvalidClientIDException"));
+    }
+
+    @Test
+    public void testValidateBufferSize() throws IOException {
+        OpenWireFormatFactory factory = new OpenWireFormatFactory();
+
+        var wireFormat = (OpenWireFormat) factory.createWireFormat();
+
+        // Nothing set, no validation
+        OpenWireUtil.validateBufferSize(wireFormat, 2048);
+
+        // verify max frame check works
+        try {
+            wireFormat.setMaxFrameSize(1024);
+            OpenWireUtil.validateBufferSize(wireFormat, 2048);
+            fail("should have failed");
+        } catch (MaxFrameSizeExceededException e) {
+            // expected
+        }
+
+        // rest max frame size back so we can test validating current size
+        // is less than expected buffer size
+        wireFormat.setMaxFrameSize(OpenWireFormat.DEFAULT_MAX_FRAME_SIZE);
+        WireFormatInfo wfi = new WireFormatInfo();
+        wfi.setProperty("test", "test");
+
+        // should be no error for the first 2 calls, last call should
+        // go over frame size and error
+        initContext(wireFormat, 2048);
+        OpenWireUtil.validateBufferSize(wireFormat, 1024);
+        OpenWireUtil.validateBufferSize(wireFormat, 1024);
+        try {
+            OpenWireUtil.validateBufferSize(wireFormat, 1);
+            fail("should have failed");
+        } catch (IOException e) {
+            // expected
+        }
+    }
+
+    @SuppressWarnings("unchecked")
+    private void initContext(OpenWireFormat format, int frameSize) throws IOException {
+        try {
+            Field mcThreadLocalField = OpenWireFormat.class.getDeclaredField("marshallingContext");
+            mcThreadLocalField.setAccessible(true);
+            var mcThreadLocal = (ThreadLocal<OpenWireFormat.MarshallingContext>) mcThreadLocalField.get(format);
+            var context = new OpenWireFormat.MarshallingContext();
+            context.setFrameSize(frameSize);
+            mcThreadLocal.set(context);
+        } catch (ReflectiveOperationException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+}

activemq-client/src/test/java/org/apache/activemq/openwire/OpenWireValidationTest.java+242 −19 modified

@@ -16,29 +16,35 @@
  */
 package org.apache.activemq.openwire;
 
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
+import java.io.DataInputStream;
 import java.io.DataOutput;
 import java.io.IOException;
+import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
+import java.nio.ByteBuffer;
+import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import java.util.concurrent.atomic.AtomicBoolean;
-import java.util.concurrent.atomic.AtomicInteger;
-import org.apache.activemq.command.CommandTypes;
-import org.apache.activemq.command.ExceptionResponse;
+
+import javassist.util.proxy.MethodHandler;
+import javassist.util.proxy.ProxyFactory;
+import javassist.util.proxy.ProxyObject;
+import org.apache.activemq.command.*;
+import org.apache.activemq.openwire.v1.BaseDataStreamMarshaller;
+import org.apache.activemq.transport.nio.NIOInputStream;
 import org.apache.activemq.util.ByteSequence;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
 import org.junit.runners.Parameterized.Parameters;
 
+import static org.junit.Assert.*;
+
 /**
- * Test that Openwire marshalling will validate Throwable types during
- * unmarshalling commands that contain a Throwable
+ * Test that Openwire marshalling will validate commands correctly
  */
 @RunWith(Parameterized.class)
 public class OpenWireValidationTest {
@@ -63,7 +69,7 @@ public static Collection<Object[]> data() {
         // This will make sure that we don't forget to update this test to include
         // any future versions that are generated
         assertTrue("List of Openwire versions does not include latest version",
-            versions.contains((int)CommandTypes.PROTOCOL_VERSION));
+            versions.contains((int) CommandTypes.PROTOCOL_VERSION));
 
         return versionObjs;
     }
@@ -72,21 +78,98 @@ public OpenWireValidationTest(int version) {
         this.version = version;
     }
 
+    @Test
+    public void testLooseUnmarshalByteSequenceValidation() throws Exception {
+        testUnmarshalByteSequenceValidation(false);
+    }
+
+    @Test
+    public void testTightUnmarshalByteSequenceValidation() throws Exception {
+        testUnmarshalByteSequenceValidation(true);
+    }
+
+    @Test
+    public void testLooseUnmarshalByteArray() throws Exception {
+        testUnmarshalByteArray(false);
+    }
+
+    @Test
+    public void testTightUnmarshalByteArray() throws Exception {
+        testUnmarshalByteArray(true);
+    }
+
+    // WireFormatInfo eventually delegates to BaseDataStreamMarshaller#tightUnmarshalByteSequence() and
+    // BaseDataStreamMarshaller#looseUnmarshalByteSequence()
+    private void testUnmarshalByteSequenceValidation(boolean tightEncoding) throws Exception {
+        WireFormatInfo wfi = new WireFormatInfo();
+        wfi.setProperty("prop1", "val1");
+        testUnmarshal(wfi, tightEncoding);
+    }
+
+    // PartialCommand eventually delegates to BaseDataStreamMarshaller#tightUnmarshalByteArray()
+    // and BaseDataStreamMarshaller#looseUnmarshalByteArray()
+    private void testUnmarshalByteArray(boolean tightEncoding) throws Exception {
+        PartialCommand pc = new PartialCommand();
+        pc.setData("bytes".getBytes(StandardCharsets.UTF_8));
+        testUnmarshal(pc, tightEncoding);
+    }
+
+    private void testUnmarshal(Command command, boolean tightEncoding) throws Exception {
+        var format = setupWireFormat(tightEncoding);
+        ByteSequence bss = format.marshal(command);
+        try {
+            // We should get an exception from an invalid size value that is too large
+            // Test OpenWireFormat#unmarshal(ByteSequence) method
+            format.unmarshal(bss);
+            fail("Should have received an IOException");
+        } catch (IOException io) {
+            assertTrue(io.getMessage().contains("Estimated allocated buffer size"));
+            assertTrue(io.getMessage().contains("is larger than frame size"));
+        }
+        // Verify thread local is cleared even after exception
+        assertNull(format.getMarshallingContext());
+
+        try {
+            // We should get an exception from an invalid size value that is too large
+            // Test OpenWireFormat#unmarshal(DataInput) method
+            format.unmarshal(new DataInputStream(new NIOInputStream(
+                ByteBuffer.wrap(bss.toArray()))));
+            fail("Should have received an IOException");
+        } catch (IOException io) {
+            assertTrue(io.getMessage().contains("Estimated allocated buffer size"));
+            assertTrue(io.getMessage().contains("is larger than frame size"));
+        }
+        // Verify thread local is cleared even after exception
+        assertNull(format.getMarshallingContext());
+    }
+
+    // Verify MarshallingContext thread local is cleared where there is
+    // successful unmarshalling and no error. The other tests that check
+    // validation works if invalid size will validate the context is cleared
+    // when there is an error
+    @Test
+    public void testUnmarshalNoErrorClearContext() throws Exception {
+        var format = new OpenWireFormat();
+        ByteSequence bss = format.marshal(new ConnectionInfo());
+
+        // make sure context cleared after calling
+        // OpenWireFormat#unmarshal(ByteSequence) method
+        format.unmarshal(bss);
+        assertNull(format.getMarshallingContext());
+
+        // Make sure context cleared after calling
+        // OpenWireFormat#unmarshal(DataInput) method
+        format.unmarshal(new DataInputStream(new NIOInputStream(
+            ByteBuffer.wrap(bss.toArray()))));
+        assertNull(format.getMarshallingContext());
+    }
+
     @Test
     public void testOpenwireThrowableValidation() throws Exception {
         // Create a format which will use loose encoding by default
         // The code for handling exception creation is shared between both
         // tight/loose encoding so only need to test 1
-        OpenWireFormat format = new OpenWireFormat();
-
-        // Override the marshaller map with a custom impl to purposely marshal a class type that is
-        // not a Throwable for testing the unmarshaller
-        Class<?> marshallerFactory = getMarshallerFactory();
-        Method createMarshallerMap = marshallerFactory.getMethod("createMarshallerMap", OpenWireFormat.class);
-        DataStreamMarshaller[] map = (DataStreamMarshaller[]) createMarshallerMap.invoke(marshallerFactory, format);
-        map[ExceptionResponse.DATA_STRUCTURE_TYPE] = getExceptionMarshaller();
-        // This will trigger updating the marshaller from the marshaller map with the right version
-        format.setVersion(version);
+        var format = setupWireFormat(false);
 
         // Build the response and try to unmarshal which should give an IllegalArgumentExeption on unmarshall
         // as the test marshaller should have encoded a class type that is not a Throwable
@@ -102,6 +185,23 @@ public void testOpenwireThrowableValidation() throws Exception {
         assertFalse(initialized.get());
     }
 
+    private OpenWireFormat setupWireFormat(boolean tightEncoding) throws Exception {
+        // Create a format
+        OpenWireFormat format = new OpenWireFormat();
+        format.setTightEncodingEnabled(tightEncoding);
+
+        // Override the marshaller map with a custom impl to purposely marshal a bad size value
+        Class<?> marshallerFactory = getMarshallerFactory();
+        Method createMarshallerMap = marshallerFactory.getMethod("createMarshallerMap", OpenWireFormat.class);
+        DataStreamMarshaller[] map = (DataStreamMarshaller[]) createMarshallerMap.invoke(marshallerFactory, format);
+        map[ExceptionResponse.DATA_STRUCTURE_TYPE] = getExceptionMarshaller();
+        map[WireFormatInfo.DATA_STRUCTURE_TYPE] = getWireFormatInfoMarshaller();
+        map[PartialCommand.DATA_STRUCTURE_TYPE] = getPartialCommandMarshaller();
+        // This will trigger updating the marshaller from the marshaller map with the right version
+        format.setVersion(version);
+        return format;
+    }
+
     static class NotAThrowable {
         private String message;
 
@@ -181,4 +281,127 @@ protected void looseMarshalThrowable(OpenWireFormat wireFormat, Throwable o,
         }
     }
 
+    // Create test marshallers for all non-legacy versions
+    // WireFormatInfo will test the bytesequence marshallers
+    protected DataStreamMarshaller getWireFormatInfoMarshaller() {
+        switch (version) {
+            case 12:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v12.WireFormatInfoMarshaller());
+            case 11:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v11.WireFormatInfoMarshaller());
+            case 10:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v10.WireFormatInfoMarshaller());
+            case 9:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v9.WireFormatInfoMarshaller());
+            case 1:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v1.WireFormatInfoMarshaller());
+            default:
+                throw new IllegalArgumentException("Unknown OpenWire version of " + version);
+        }
+    }
+
+    // PartialCommand will test the byte array marshallers
+    protected DataStreamMarshaller getPartialCommandMarshaller() {
+        switch (version) {
+            case 12:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v12.PartialCommandMarshaller());
+            case 11:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v11.PartialCommandMarshaller());
+            case 10:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v10.PartialCommandMarshaller());
+            case 9:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v9.PartialCommandMarshaller());
+            case 1:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v1.PartialCommandMarshaller());
+            default:
+                throw new IllegalArgumentException("Unknown OpenWire version of " + version);
+        }
+    }
+
+    protected static void badTightMarshalByteSequence(ByteSequence data, DataOutput dataOut,
+                                               BooleanStream bs) throws IOException {
+        if (bs.readBoolean()) {
+            // Write an invalid length that is much larger than it should be
+            dataOut.writeInt(data.getLength() * 10);
+            dataOut.write(data.getData(), data.getOffset(), data.getLength());
+        }
+    }
+
+    protected static void badLooseMarshalByteSequence(ByteSequence data, DataOutput dataOut)
+        throws IOException {
+        dataOut.writeBoolean(data != null);
+        if (data != null) {
+            // Write an invalid length that is much larger than it should be
+            dataOut.writeInt(data.getLength() * 10);
+            dataOut.write(data.getData(), data.getOffset(), data.getLength());
+        }
+    }
+
+    protected static void badLooseMarshalByteArray(byte[] data,
+                                            DataOutput dataOut) throws IOException {
+        dataOut.writeBoolean(data != null);
+        if (data != null) {
+            // Write an invalid length that is much larger than it should be
+            dataOut.writeInt(data.length * 10);
+            dataOut.write(data);
+        }
+    }
+
+    protected static void badTightMarshalByteArray(byte[] data, DataOutput dataOut,
+                                            BooleanStream bs) throws IOException {
+        if (bs.readBoolean()) {
+            // Write an invalid length that is much larger than it should be
+            dataOut.writeInt(data.length * 10);
+            dataOut.write(data);
+        }
+    }
+
+    // This will create a proxy object to wrap the marhallers so that we can intercept
+    // both the byte and bytesequence methods to write bad sizes for testing
+    protected DataStreamMarshaller proxyBadBufferCommand(DataStreamMarshaller marshaller) {
+        ProxyFactory factory = new ProxyFactory();
+        factory.setSuperclass(marshaller.getClass());
+        Class<?> clazz = factory.createClass();
+
+        try {
+            DataStreamMarshaller instance = (DataStreamMarshaller) clazz.getConstructor().newInstance();
+            ((ProxyObject) instance).setHandler(new BadBufferProxy());
+            return instance;
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    protected static class BadBufferProxy implements MethodHandler {
+
+        @Override
+        public Object invoke(Object self, Method thisMethod, Method proceed, Object[] args) throws Throwable {
+            Object result = null;
+
+            try {
+                // This handles writing a bad size for all 4 types of methods that should validate
+                switch (thisMethod.getName()) {
+                    case "looseMarshalByteArray":
+                        badLooseMarshalByteArray((byte[]) args[1], (DataOutput) args[2]);
+                        break;
+                    case "tightMarshalByteArray2":
+                        badTightMarshalByteArray((byte[]) args[0], (DataOutput) args[1], (BooleanStream) args[2]);
+                        break;
+                    case "looseMarshalByteSequence":
+                        badLooseMarshalByteSequence((ByteSequence) args[1], (DataOutput) args[2]);
+                        break;
+                    case "tightMarshalByteSequence2":
+                        badTightMarshalByteSequence((ByteSequence) args[0], (DataOutput) args[1], (BooleanStream) args[2]);
+                        break;
+                    default:
+                        result = proceed.invoke(self, args);
+                        break;
+                }
+            } catch (InvocationTargetException e) {
+                throw e.getCause();
+            }
+
+            return result;
+        }
+    }
 }

activemq-openwire-legacy/pom.xml+5 −0 modified

@@ -47,6 +47,11 @@
       <artifactId>junit</artifactId>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.javassist</groupId>
+      <artifactId>javassist</artifactId>
+      <scope>test</scope>
+    </dependency>
   </dependencies>
 
 </project>

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v2/BaseDataStreamMarshaller.java+8 −4 modified

@@ -410,10 +410,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -437,10 +438,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -617,10 +619,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -636,10 +639,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v2/MessageMarshaller.java+4 −4 modified

@@ -65,8 +65,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination)tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure)tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId)tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -199,8 +199,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination)looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure)looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId)looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v2/PartialCommandMarshaller.java+2 −2 modified

@@ -68,7 +68,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -114,7 +114,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v2/WireFormatInfoMarshaller.java+2 −2 modified

@@ -72,7 +72,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -130,7 +130,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v2/XATransactionIdMarshaller.java+4 −4 modified

@@ -68,8 +68,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -117,8 +117,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v3/BaseDataStreamMarshaller.java+8 −4 modified

@@ -410,10 +410,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -437,10 +438,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -617,10 +619,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -636,10 +639,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v3/MessageMarshaller.java+4 −4 modified

@@ -65,8 +65,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination)tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure)tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId)tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -218,8 +218,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination)looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure)looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId)looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v3/PartialCommandMarshaller.java+2 −2 modified

@@ -68,7 +68,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -114,7 +114,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v3/WireFormatInfoMarshaller.java+2 −2 modified

@@ -72,7 +72,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -130,7 +130,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v3/XATransactionIdMarshaller.java+4 −4 modified

@@ -68,8 +68,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -117,8 +117,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v4/BaseDataStreamMarshaller.java+8 −4 modified

@@ -410,10 +410,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -437,10 +438,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -617,10 +619,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -636,10 +639,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v4/MessageMarshaller.java+4 −4 modified

@@ -69,8 +69,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -225,8 +225,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v4/PartialCommandMarshaller.java+2 −2 modified

@@ -67,7 +67,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -113,7 +113,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v4/WireFormatInfoMarshaller.java+2 −2 modified

@@ -71,7 +71,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -129,7 +129,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v4/XATransactionIdMarshaller.java+4 −4 modified

@@ -67,8 +67,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -116,8 +116,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v5/BaseDataStreamMarshaller.java+8 −4 modified

@@ -410,10 +410,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -437,10 +438,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -617,10 +619,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -636,10 +639,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v5/MessageMarshaller.java+4 −4 modified

@@ -69,8 +69,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -225,8 +225,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v5/PartialCommandMarshaller.java+2 −2 modified

@@ -67,7 +67,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -113,7 +113,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v5/WireFormatInfoMarshaller.java+2 −2 modified

@@ -71,7 +71,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -129,7 +129,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v5/XATransactionIdMarshaller.java+4 −4 modified

@@ -67,8 +67,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -116,8 +116,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v6/BaseDataStreamMarshaller.java+8 −4 modified

@@ -410,10 +410,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -437,10 +438,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -617,10 +619,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -636,10 +639,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v6/MessageMarshaller.java+4 −4 modified

@@ -69,8 +69,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -225,8 +225,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v6/PartialCommandMarshaller.java+2 −2 modified

@@ -67,7 +67,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -113,7 +113,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v6/WireFormatInfoMarshaller.java+2 −2 modified

@@ -71,7 +71,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -129,7 +129,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v6/XATransactionIdMarshaller.java+4 −4 modified

@@ -67,8 +67,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -116,8 +116,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v7/BaseDataStreamMarshaller.java+8 −4 modified

@@ -409,10 +409,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -436,10 +437,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -616,10 +618,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -635,10 +638,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v7/MessageMarshaller.java+4 −4 modified

@@ -69,8 +69,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -225,8 +225,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v7/PartialCommandMarshaller.java+2 −2 modified

@@ -67,7 +67,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -113,7 +113,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v7/WireFormatInfoMarshaller.java+2 −2 modified

@@ -71,7 +71,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -129,7 +129,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v7/XATransactionIdMarshaller.java+4 −4 modified

@@ -67,8 +67,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -116,8 +116,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v8/BaseDataStreamMarshaller.java+8 −4 modified

@@ -409,10 +409,11 @@ protected void tightMarshalByteArray2(byte[] data, DataOutput dataOut, BooleanSt
         }
     }
 
-    protected byte[] tightUnmarshalByteArray(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected byte[] tightUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         byte rc[] = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -436,10 +437,11 @@ protected void tightMarshalByteSequence2(ByteSequence data, DataOutput dataOut,
         }
     }
 
-    protected ByteSequence tightUnmarshalByteSequence(DataInput dataIn, BooleanStream bs) throws IOException {
+    protected ByteSequence tightUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn, BooleanStream bs) throws IOException {
         ByteSequence rc = null;
         if (bs.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             return new ByteSequence(t, 0, size);
@@ -616,10 +618,11 @@ protected void looseMarshalByteArray(OpenWireFormat wireFormat, byte[] data, Dat
         }
     }
 
-    protected byte[] looseUnmarshalByteArray(DataInput dataIn) throws IOException {
+    protected byte[] looseUnmarshalByteArray(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         byte rc[] = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             rc = new byte[size];
             dataIn.readFully(rc);
         }
@@ -635,10 +638,11 @@ protected void looseMarshalByteSequence(OpenWireFormat wireFormat, ByteSequence
         }
     }
 
-    protected ByteSequence looseUnmarshalByteSequence(DataInput dataIn) throws IOException {
+    protected ByteSequence looseUnmarshalByteSequence(OpenWireFormat wireFormat, DataInput dataIn) throws IOException {
         ByteSequence rc = null;
         if (dataIn.readBoolean()) {
             int size = dataIn.readInt();
+            OpenWireUtil.validateBufferSize(wireFormat, size);
             byte[] t = new byte[size];
             dataIn.readFully(t);
             rc = new ByteSequence(t, 0, size);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v8/ConnectionControlMarshaller.java+2 −2 modified

@@ -74,7 +74,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setConnectedBrokers(tightUnmarshalString(dataIn, bs));
         info.setReconnectTo(tightUnmarshalString(dataIn, bs));
         info.setRebalanceConnection(bs.readBoolean());
-        info.setToken(tightUnmarshalByteArray(dataIn, bs));
+        info.setToken(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -142,7 +142,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setConnectedBrokers(looseUnmarshalString(dataIn));
         info.setReconnectTo(looseUnmarshalString(dataIn));
         info.setRebalanceConnection(dataIn.readBoolean());
-        info.setToken(looseUnmarshalByteArray(dataIn));
+        info.setToken(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v8/MessageMarshaller.java+4 −4 modified

@@ -69,8 +69,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTimestamp(tightUnmarshalLong(wireFormat, dataIn, bs));
         info.setType(tightUnmarshalString(dataIn, bs));
-        info.setContent(tightUnmarshalByteSequence(dataIn, bs));
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setContent(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
         info.setDataStructure((org.apache.activemq.command.DataStructure) tightUnmarsalNestedObject(wireFormat, dataIn, bs));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) tightUnmarsalCachedObject(wireFormat, dataIn, bs));
         info.setCompressed(bs.readBoolean());
@@ -225,8 +225,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         info.setReplyTo((org.apache.activemq.command.ActiveMQDestination) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTimestamp(looseUnmarshalLong(wireFormat, dataIn));
         info.setType(looseUnmarshalString(dataIn));
-        info.setContent(looseUnmarshalByteSequence(dataIn));
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setContent(looseUnmarshalByteSequence(wireFormat, dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
         info.setDataStructure((org.apache.activemq.command.DataStructure) looseUnmarsalNestedObject(wireFormat, dataIn));
         info.setTargetConsumerId((org.apache.activemq.command.ConsumerId) looseUnmarsalCachedObject(wireFormat, dataIn));
         info.setCompressed(dataIn.readBoolean());

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v8/PartialCommandMarshaller.java+2 −2 modified

@@ -67,7 +67,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(tightUnmarshalByteArray(dataIn, bs));
+        info.setData(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -113,7 +113,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         PartialCommand info = (PartialCommand)o;
         info.setCommandId(dataIn.readInt());
-        info.setData(looseUnmarshalByteArray(dataIn));
+        info.setData(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v8/WireFormatInfoMarshaller.java+2 −2 modified

@@ -71,7 +71,7 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(tightUnmarshalConstByteArray(dataIn, bs, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(tightUnmarshalByteSequence(dataIn, bs));
+        info.setMarshalledProperties(tightUnmarshalByteSequence(wireFormat, dataIn, bs));
 
         info.afterUnmarshall(wireFormat);
 
@@ -129,7 +129,7 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
         
         info.setMagic(looseUnmarshalConstByteArray(dataIn, 8));
         info.setVersion(dataIn.readInt());
-        info.setMarshalledProperties(looseUnmarshalByteSequence(dataIn));
+        info.setMarshalledProperties(looseUnmarshalByteSequence(wireFormat, dataIn));
 
         info.afterUnmarshall(wireFormat);

activemq-openwire-legacy/src/main/java/org/apache/activemq/openwire/v8/XATransactionIdMarshaller.java+4 −4 modified

@@ -67,8 +67,8 @@ public void tightUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(tightUnmarshalByteArray(dataIn, bs));
-        info.setBranchQualifier(tightUnmarshalByteArray(dataIn, bs));
+        info.setGlobalTransactionId(tightUnmarshalByteArray(wireFormat, dataIn, bs));
+        info.setBranchQualifier(tightUnmarshalByteArray(wireFormat, dataIn, bs));
 
     }
 
@@ -116,8 +116,8 @@ public void looseUnmarshal(OpenWireFormat wireFormat, Object o, DataInput dataIn
 
         XATransactionId info = (XATransactionId)o;
         info.setFormatId(dataIn.readInt());
-        info.setGlobalTransactionId(looseUnmarshalByteArray(dataIn));
-        info.setBranchQualifier(looseUnmarshalByteArray(dataIn));
+        info.setGlobalTransactionId(looseUnmarshalByteArray(wireFormat, dataIn));
+        info.setBranchQualifier(looseUnmarshalByteArray(wireFormat, dataIn));
 
     }

activemq-openwire-legacy/src/test/java/org/apache/activemq/openwire/OpenWireLegacyValidationTest.java+44 −2 modified

@@ -21,13 +21,13 @@
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
+import org.apache.activemq.util.ByteSequence;
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
 import org.junit.runners.Parameterized.Parameters;
 
 /**
- * Test that Openwire marshalling for legacy versions will validate Throwable types during
- * unmarshalling commands that contain a Throwable
+ * Test that Openwire marshalling for legacy versions will validate certain commands correctly
  */
 @RunWith(Parameterized.class)
 public class OpenWireLegacyValidationTest extends OpenWireValidationTest {
@@ -126,4 +126,46 @@ protected void looseMarshalThrowable(OpenWireFormat wireFormat, Throwable o,
         }
     }
 
+    protected DataStreamMarshaller getWireFormatInfoMarshaller() {
+        switch (version) {
+            case 2:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v2.WireFormatInfoMarshaller());
+            case 3:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v3.WireFormatInfoMarshaller());
+            case 4:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v4.WireFormatInfoMarshaller());
+            case 5:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v5.WireFormatInfoMarshaller());
+            case 6:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v6.WireFormatInfoMarshaller());
+            case 7:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v7.WireFormatInfoMarshaller());
+            case 8:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v8.WireFormatInfoMarshaller());
+            default:
+                throw new IllegalArgumentException("Unknown OpenWire version of " + version);
+        }
+    }
+
+    protected DataStreamMarshaller getPartialCommandMarshaller() {
+        switch (version) {
+            case 2:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v2.PartialCommandMarshaller());
+            case 3:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v3.PartialCommandMarshaller());
+            case 4:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v4.PartialCommandMarshaller());
+            case 5:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v5.PartialCommandMarshaller());
+            case 6:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v6.PartialCommandMarshaller());
+            case 7:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v7.PartialCommandMarshaller());
+            case 8:
+                return proxyBadBufferCommand(new org.apache.activemq.openwire.v8.PartialCommandMarshaller());
+            default:
+                throw new IllegalArgumentException("Unknown OpenWire version of " + version);
+        }
+    }
+
 }

pom.xml+6 −0 modified

@@ -72,6 +72,7 @@
     <jetty-version-range>[11,13)</jetty-version-range>
     <jmdns-version>3.6.0</jmdns-version>
     <tomcat-api-version>9.0.65</tomcat-api-version>
+    <javassist-version>3.30.2-GA</javassist-version>
     <jettison-version>1.5.4</jettison-version>
     <jmock-version>2.13.1</jmock-version>
     <jolokia-version>2.1.2</jolokia-version>
@@ -924,6 +925,11 @@
         <artifactId>jettison</artifactId>
         <version>${jettison-version}</version>
     </dependency>
+      <dependency>
+        <groupId>org.javassist</groupId>
+        <artifactId>javassist</artifactId>
+        <version>${javassist-version}</version>
+      </dependency>
 
       <dependency>
         <groupId>annogen</groupId>

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/advisories/GHSA-whxr-3p84-rf3cghsaADVISORY
lists.apache.org/thread/8hcm25vf7mchg4zbbhnlx2lc5bs705hgghsavendor-advisoryWEB
nvd.nist.gov/vuln/detail/CVE-2025-27533ghsaADVISORY
www.openwall.com/lists/oss-security/2025/05/06/1ghsaWEB
github.com/apache/activemq/commit/fc4372b9f0f72b8b5eed917f0019c5cea45c5d06ghsaWEB
issues.apache.org/jira/browse/AMQ-6596ghsaWEB
lists.debian.org/debian-lts-announce/2025/06/msg00020.htmlghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.002
exploit	0.030
kev	0.000
patch	-0.070
ransomware	0.000