Skip to content

Fix XEP-0060 PubSub compliance: purge-node ClassCastException and missing payload size enforcement#3186

Merged
guusdk merged 3 commits intomainfrom
copilot/audit-openfire-pubsub-compliance
Mar 25, 2026
Merged

Fix XEP-0060 PubSub compliance: purge-node ClassCastException and missing payload size enforcement#3186
guusdk merged 3 commits intomainfrom
copilot/audit-openfire-pubsub-compliance

Conversation

Copy link
Contributor

Copilot AI commented Mar 13, 2026
edited
Loading

Two XEP-0060 §1.30.0 compliance bugs in PubSubEngine, both covered by new unit tests in PubSubEngineTest.

Bug 1: purgeNode throws ClassCastException on collection nodes

The isCollectionNode() guard came after an unconditional (LeafNode) node cast, so purging a collection node crashed instead of returning the spec-required error.

Fix: Swap the order — check isCollectionNode() first, then cast.

// Before (throws ClassCastException for collection nodes):
if (!((LeafNode) node).isPersistPublishedItems()) { ... }
if (node.isCollectionNode()) { ... }

// After (XEP-0060 §8.5.3.1 — correct error returned):
if (node.isCollectionNode()) { ... }                       // feature-not-implemented / purge-nodes
if (!((LeafNode) node).isPersistPublishedItems()) { ... }  // feature-not-implemented / persistent-items

Bug 2: publishItemsToNode ignores maxPayloadSize

LeafNode.maxPayloadSize was stored and exposed but never checked — a TODO comment acknowledged this gap. XEP-0060 §7.1.3.5 requires returning <not-acceptable/> + <payload-too-big/> when the payload exceeds the configured limit (default 10 MB).

Fix: Added byte-length check (UTF-8) in the item-processing loop after existing payload structure validation:

if (payload != null) {
    final int payloadSize = payload.asXML().getBytes(StandardCharsets.UTF_8).length;
    if (payloadSize > leafNode.getMaxPayloadSize()) {
        Element pubsubError = DocumentHelper.createElement(
            QName.get("payload-too-big", "http://jabber.org/protocol/pubsub#errors"));
        sendErrorPacket(iq, PacketError.Condition.not_acceptable, pubsubError);
        return;
    }
}

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI changed the title [WIP] Audit Openfire's PubSub compliance against XEP-0060 version 1.30.0 Fix XEP-0060 PubSub compliance: purge-node ClassCastException and missing payload size enforcement Mar 13, 2026
Copilot AI requested a review from akrherz March 13, 2026 15:41
@akrherz akrherz marked this pull request as ready for review March 13, 2026 15:43
guusdk
guusdk approved these changes Mar 24, 2026
View reviewed changes
Copy link
Member

@guusdk guusdk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes look good to me. Can we rewrite the commit message(s) (possibly split them into two distinct commits) to include the JIRA identifiers of the tickets that I created for each of the issues fixed just now?

@akrherz akrherz force-pushed the copilot/audit-openfire-pubsub-compliance branch from 4c0c46c to f76c563 Compare March 24, 2026 19:26
@akrherz
Copy link
Member

akrherz commented Mar 24, 2026

rebased and split commits...

@akrherz akrherz force-pushed the copilot/audit-openfire-pubsub-compliance branch from f76c563 to 020ee69 Compare March 24, 2026 19:26
@guusdk guusdk merged commit 8bf24ae into main Mar 25, 2026
62 of 63 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@guusdk guusdk guusdk approved these changes

@akrherz akrherz Awaiting requested review from akrherz

Assignees

@akrherz akrherz

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@akrherz @guusdk