diff --git a/liquibase-standard/pom.xml b/liquibase-standard/pom.xml
index 85db6c8cb81..1d3979e36e4 100644
--- a/liquibase-standard/pom.xml
+++ b/liquibase-standard/pom.xml
@@ -179,7 +179,11 @@
commons-text
${commons-text.version}
-
+
+ io.github.pixee
+ java-security-toolkit
+
+
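Review bot: The `io.github.pixee:java-security-toolkit` dependency is declared here with no visible scope, so it appears to become a compile-scope dependency of `liquibase-standard` and to reach every downstream consumer. The XML markup of this hunk is lost in this view, so the scope is inferred. The only symbol this diff uses from the artifact is `BoundedLineReader.readLine`, so a small in-tree helper would give the same line-length bound without adding a third-party artifact to the supply chain. If the dependency stays, it should pass the project's usual dependency review (licence, artifact provenance) before it ships in the core module.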
diff --git a/liquibase-standard/src/main/java/liquibase/parser/AbstractFormattedChangeLogParser.java b/liquibase-standard/src/main/java/liquibase/parser/AbstractFormattedChangeLogParser.java
index 057f9e21cb4..1c0179daedf 100644
--- a/liquibase-standard/src/main/java/liquibase/parser/AbstractFormattedChangeLogParser.java
+++ b/liquibase-standard/src/main/java/liquibase/parser/AbstractFormattedChangeLogParser.java
@@ -1,5 +1,6 @@
package liquibase.parser;
+import io.github.pixee.security.BoundedLineReader;
import liquibase.Labels;
import liquibase.Scope;
import liquibase.change.AbstractSQLChange;
@@ -236,10 +237,10 @@ public boolean supports(String changeLogFile, ResourceAccessor resourceAccessor)
}
reader = new BufferedReader(StreamUtil.readStreamWithReader(fileStream, null));
- String firstLine = reader.readLine();
+ String firstLine = BoundedLineReader.readLine(reader, 5_000_000);
while (firstLine != null && firstLine.trim().isEmpty() && reader.ready()) {
- firstLine = reader.readLine();
+ firstLine = BoundedLineReader.readLine(reader, 5_000_000);
}
//
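Review bot: When the first line exceeds the limit, `supports()` now gets an exception from `BoundedLineReader.readLine` instead of a string; as far as I know it is an unchecked `SecurityException`, not an `IOException`. The catch clauses of `supports()` are outside this hunk, so confirm that the over-limit case is handled there and ends in `return false` with a log message, rather than aborting parser selection. A comment at the call would record the intent, e.g. `// BoundedLineReader throws on a line over the limit; treat that as "not a formatted changelog"`.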
@@ -293,7 +294,7 @@ public DatabaseChangeLog parse(String physicalChangeLogLocation, ChangeLogParame
int count = 0;
String line;
- while ((line = reader.readLine()) != null) {
+ while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) {
count++;
Matcher commentMatcher = COMMENT_PATTERN.matcher(line);
Matcher propertyPatternMatcher = PROPERTY_PATTERN.matcher(line);
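Review bot: The limit `5_000_000` is a bare literal at this call and at the other `BoundedLineReader.readLine` calls in this file (`supports()`, both ignoreLines loops, `extractMultiLineRollBack`), with nothing saying why that value was chosen or what happens when it is exceeded. Hoist it into one documented constant, e.g. `private static final int MAX_LINE_LENGTH = 5_000_000; // longest changelog line accepted; longer lines abort parsing`, and use it at every call. A formatted changelog with one very long statement line parsed before this change and will now fail, so the limit should be mentioned in the release notes or made configurable. This caps a single line only; `parse()` continues outside the hunk, so whether total input size is bounded elsewhere is not visible here.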
@@ -314,7 +315,7 @@ public DatabaseChangeLog parse(String physicalChangeLogLocation, ChangeLogParame
Matcher altIgnoreLinesOneDashMatcher = ALT_IGNORE_LINES_ONE_CHARACTER_PATTERN.matcher(line);
if (ignoreLinesMatcher.matches()) {
if ("start".equals(ignoreLinesMatcher.group(1))) {
- while ((line = reader.readLine()) != null) {
+ while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) {
altIgnoreLinesOneDashMatcher = ALT_IGNORE_LINES_ONE_CHARACTER_PATTERN.matcher(line);
count++;
ignoreLinesMatcher = IGNORE_LINES_PATTERN.matcher(line);
@@ -332,7 +333,7 @@ public DatabaseChangeLog parse(String physicalChangeLogLocation, ChangeLogParame
} else {
try {
long ignoreCount = Long.parseLong(ignoreLinesMatcher.group(1));
- while (ignoreCount > 0 && reader.readLine() != null) {
+ while (ignoreCount > 0 && BoundedLineReader.readLine(reader, 5_000_000) != null) {
ignoreCount--;
count++;
}
@@ -828,7 +829,7 @@ private StringBuilder extractMultiLineRollBack(BufferedReader reader) throws IOE
String line;
if (reader != null) {
- while ((line = reader.readLine()) != null) {
+ while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) {
if (ROLLBACK_MULTI_LINE_END_PATTERN.matcher(line).matches()) {
String[] lastLineSplit = line.split(String.format("%s\\s*$", getEndMultiLineCommentSequence()));
if (lastLineSplit.length > 0 && !StringUtil.isWhitespace(lastLineSplit[0])) {
diff --git a/liquibase-standard/src/main/java/liquibase/ui/ConsoleUIService.java b/liquibase-standard/src/main/java/liquibase/ui/ConsoleUIService.java
index 2d46ca04a03..64d32e5868b 100644
--- a/liquibase-standard/src/main/java/liquibase/ui/ConsoleUIService.java
+++ b/liquibase-standard/src/main/java/liquibase/ui/ConsoleUIService.java
@@ -1,5 +1,6 @@
package liquibase.ui;
+import io.github.pixee.security.BoundedLineReader;
import liquibase.AbstractExtensibleObject;
import liquibase.GlobalConfiguration;
import liquibase.Scope;
@@ -235,7 +236,7 @@ public String readLine() {
return "";
}
try {
- return new BufferedReader(new InputStreamReader(System.in)).readLine();
+ return BoundedLineReader.readLine(new BufferedReader(new InputStreamReader(System.in)), 5_000_000);
} catch (IOException ioe) {
//
// Throw an exception if we can't read
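Review bot: The new line still wraps `System.in` in a fresh `BufferedReader` on every `readLine()` call, so any input that reader buffered past the first line is discarded with it; with piped or redirected stdin a later prompt can miss its answer. Keep one reader for the lifetime of the service, e.g. a field `private final BufferedReader stdin = new BufferedReader(new InputStreamReader(System.in));`, and call `return BoundedLineReader.readLine(stdin, 5_000_000);`. The rest of `readLine()` lies outside the hunk.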
diff --git a/liquibase-standard/src/test/java/liquibase/NoJavaSpecificCodeTest.java b/liquibase-standard/src/test/java/liquibase/NoJavaSpecificCodeTest.java
index 65efd1325c3..0889da71a9b 100644
--- a/liquibase-standard/src/test/java/liquibase/NoJavaSpecificCodeTest.java
+++ b/liquibase-standard/src/test/java/liquibase/NoJavaSpecificCodeTest.java
@@ -1,5 +1,6 @@
package liquibase;
+import io.github.pixee.security.BoundedLineReader;
import org.junit.Test;
import java.io.BufferedReader;
@@ -25,7 +26,7 @@ private void checkJavaClasses(File directory) throws Exception {
if (file.getName().endsWith(".java")) {
try (BufferedReader reader = new BufferedReader(new FileReader(file))) {
String line;
- while ((line = reader.readLine()) != null) {
+ while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) {
if (line.contains("java.sql")) {
fail(file.getCanonicalPath() + " contains java.sql");
}
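Review bot: This loop reads the project's own `.java` sources during a unit test, which is not attacker-controlled input, so the bounded read adds no protection here and only makes the test tree depend on the toolkit. Consider reverting this call to `reader.readLine()`; the same applies to `readExistingValue()` in `AbstractVerifyTest`. `checkJavaClasses` starts and ends outside the hunk.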
diff --git a/liquibase-standard/src/test/java/liquibase/verify/AbstractVerifyTest.java b/liquibase-standard/src/test/java/liquibase/verify/AbstractVerifyTest.java
index 38316f0ff99..d3c0fab41d3 100644
--- a/liquibase-standard/src/test/java/liquibase/verify/AbstractVerifyTest.java
+++ b/liquibase-standard/src/test/java/liquibase/verify/AbstractVerifyTest.java
@@ -1,5 +1,6 @@
package liquibase.verify;
+import io.github.pixee.security.BoundedLineReader;
import liquibase.util.StringUtil;
import org.junit.ComparisonFailure;
import org.junit.Rule;
@@ -91,7 +92,7 @@ private String readExistingValue() throws IOException {
BufferedReader reader = new BufferedReader(new FileReader(stateFile));
String line;
- while ((line = reader.readLine()) != null) {
+ while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) {
content.append(line).append("\n");
}
reader.close();
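Review bot: `reader` is closed by a plain `reader.close()` after the loop, so any exception from the read skips the close and leaks the file handle; that now includes the one `BoundedLineReader.readLine` raises for an over-long line. Use try-with-resources, `try (BufferedReader reader = new BufferedReader(new FileReader(stateFile))) { ... }`, and drop the explicit `reader.close();`. `readExistingValue()` begins and ends outside the hunk.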
diff --git a/pom.xml b/pom.xml
index 4c327695123..c5eca79e90b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -90,7 +90,9 @@
target/jacoco.xml
true
-
+
+ 1.2.1
+
@@ -171,7 +173,12 @@
spock-core
${spock.version}
-
+
+ io.github.pixee
+ java-security-toolkit
+ ${versions.java-security-toolkit}
+
+