From 92ba5907b0e8fb335e6562d636a3bcb627099f92 Mon Sep 17 00:00:00 2001
From: zbeacon <ibarkov.ua@gmail.com>
Date: Tue, 3 Nov 2020 16:51:41 +0200
Subject: [PATCH 1/5] Added validation for deviceName/attribute key contains
 only spaces situation

---
 .../thingsboard/server/controller/TelemetryController.java   | 5 +++++
 .../org/thingsboard/server/dao/device/DeviceServiceImpl.java | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/application/src/main/java/org/thingsboard/server/controller/TelemetryController.java b/application/src/main/java/org/thingsboard/server/controller/TelemetryController.java
index af4eb0f08f..e8c4756a6f 100644
--- a/application/src/main/java/org/thingsboard/server/controller/TelemetryController.java
+++ b/application/src/main/java/org/thingsboard/server/controller/TelemetryController.java
@@ -393,6 +393,11 @@ public class TelemetryController extends BaseController {
             if (attributes.isEmpty()) {
                 return getImmediateDeferredResult("No attributes data found in request body!", HttpStatus.BAD_REQUEST);
             }
+            for (AttributeKvEntry attributeKvEntry: attributes) {
+                if (attributeKvEntry.getKey().isEmpty() || attributeKvEntry.getKey().trim().length() == 0) {
+                    return getImmediateDeferredResult("Key cannot be empty or contains only spaces", HttpStatus.BAD_REQUEST);
+                }
+            }
             SecurityUser user = getCurrentUser();
             return accessValidator.validateEntityAndCallback(getCurrentUser(), Operation.WRITE_ATTRIBUTES, entityIdSrc, (result, tenantId, entityId) -> {
                 tsSubService.saveAndNotify(tenantId, entityId, scope, attributes, new FutureCallback<Void>() {
diff --git a/dao/src/main/java/org/thingsboard/server/dao/device/DeviceServiceImpl.java b/dao/src/main/java/org/thingsboard/server/dao/device/DeviceServiceImpl.java
index cb6d74cf10..8d29b9c447 100644
--- a/dao/src/main/java/org/thingsboard/server/dao/device/DeviceServiceImpl.java
+++ b/dao/src/main/java/org/thingsboard/server/dao/device/DeviceServiceImpl.java
@@ -388,7 +388,7 @@ public class DeviceServiceImpl extends AbstractEntityService implements DeviceSe
                     if (StringUtils.isEmpty(device.getType())) {
                         throw new DataValidationException("Device type should be specified!");
                     }
-                    if (StringUtils.isEmpty(device.getName())) {
+                    if (StringUtils.isEmpty(device.getName()) || device.getName().trim().length() == 0) {
                         throw new DataValidationException("Device name should be specified!");
                     }
                     if (device.getTenantId() == null) {

From 580c8aef51a355254ba14eff88974fee83e12f13 Mon Sep 17 00:00:00 2001
From: zbeacon <ibarkov.ua@gmail.com>
Date: Fri, 30 Oct 2020 14:28:30 +0200
Subject: [PATCH 2/5] Added handler for too long payload exception in MQTT
 transport

---
 .../server/transport/mqtt/MqttTransportHandler.java       | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/common/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttTransportHandler.java b/common/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttTransportHandler.java
index 5d24f812eb..abb8f629f1 100644
--- a/common/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttTransportHandler.java
+++ b/common/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttTransportHandler.java
@@ -115,7 +115,13 @@ public class MqttTransportHandler extends ChannelInboundHandlerAdapter implement
         log.trace("[{}] Processing msg: {}", sessionId, msg);
         try {
             if (msg instanceof MqttMessage) {
-                processMqttMsg(ctx, (MqttMessage) msg);
+                MqttMessage message = (MqttMessage) msg;
+                if (message.decoderResult().isSuccess()) {
+                    processMqttMsg(ctx, message);
+                } else {
+                    log.error("[{}] Message processing failed: {}", sessionId, message.decoderResult().cause().getMessage());
+                    ctx.close();
+                }
             } else {
                 ctx.close();
             }

From eece6418c36e99fa810f4527324519648e7fa24e Mon Sep 17 00:00:00 2001
From: YevhenBondarenko <ybondarenko@thingsboard.io>
Date: Thu, 12 Nov 2020 13:22:32 +0200
Subject: [PATCH 3/5] updated versions

---
 application/pom.xml                        |  4 ---
 pom.xml                                    | 30 +++++++++++-----------
 rule-engine/rule-engine-components/pom.xml |  5 ++++
 tools/pom.xml                              |  1 -
 4 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/application/pom.xml b/application/pom.xml
index 1730d7a5a5..1783d9f4c5 100644
--- a/application/pom.xml
+++ b/application/pom.xml
@@ -145,10 +145,6 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-websocket</artifactId>
         </dependency>
-        <dependency>
-            <groupId>org.springframework.cloud</groupId>
-            <artifactId>spring-cloud-starter-oauth2</artifactId>
-        </dependency>
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-oauth2-client</artifactId>
diff --git a/pom.xml b/pom.xml
index 335e6c7eba..3495f83971 100755
--- a/pom.xml
+++ b/pom.xml
@@ -36,11 +36,10 @@
         <pkg.implementationTitle>${project.name}</pkg.implementationTitle>
         <pkg.unixLogFolder>/var/log/${pkg.name}</pkg.unixLogFolder>
         <pkg.installFolder>/usr/share/${pkg.name}</pkg.installFolder>
-        <spring-boot.version>2.2.6.RELEASE</spring-boot.version>
-        <spring-oauth2.version>2.1.2.RELEASE</spring-oauth2.version>
-        <spring.version>5.2.6.RELEASE</spring.version>
-        <spring-security.version>5.2.3.RELEASE</spring-security.version>
-        <spring-data-redis.version>2.2.4.RELEASE</spring-data-redis.version>
+        <spring-boot.version>2.3.5.RELEASE</spring-boot.version>
+        <spring.version>5.3.1</spring.version>
+        <spring-security.version>5.4.1</spring-security.version>
+        <spring-data-redis.version>2.4.1</spring-data-redis.version>
         <jedis.version>3.1.0</jedis.version>
         <jjwt.version>0.7.0</jjwt.version>
         <json-path.version>2.2.0</json-path.version>
@@ -51,15 +50,16 @@
         <rat.version>0.10</rat.version>
         <cassandra.version>3.6.0</cassandra.version>
         <cassandra-unit.version>3.5.0.1</cassandra-unit.version>
+        <cassandra-all.version>3.11.9</cassandra-all.version>
         <takari-cpsuite.version>1.2.7</takari-cpsuite.version>
         <guava.version>28.2-jre</guava.version>
         <caffeine.version>2.6.1</caffeine.version>
         <commons-lang3.version>3.4</commons-lang3.version>
         <commons-io.version>2.5</commons-io.version>
         <commons-csv.version>1.4</commons-csv.version>
-        <jackson.version>2.10.2</jackson.version>
-        <jackson-annotations.version>2.10.2</jackson-annotations.version>
-        <jackson-core.version>2.10.2</jackson-core.version>
+        <jackson.version>2.11.3</jackson.version>
+        <jackson-annotations.version>2.11.3</jackson-annotations.version>
+        <jackson-core.version>2.11.3</jackson-core.version>
         <json-schema-validator.version>2.2.6</json-schema-validator.version>
         <californium.version>1.0.2</californium.version>
         <gson.version>2.6.2</gson.version>
@@ -72,7 +72,7 @@
         <grpc.version>1.22.1</grpc.version>
         <lombok.version>1.16.18</lombok.version>
         <paho.client.version>1.1.0</paho.client.version>
-        <netty.version>4.1.49.Final</netty.version>
+        <netty.version>4.1.53.Final</netty.version>
         <os-maven-plugin.version>1.5.0</os-maven-plugin.version>
         <rabbitmq.version>4.8.0</rabbitmq.version>
         <surfire.version>2.19.1</surfire.version>
@@ -96,7 +96,7 @@
         <bucket4j.version>4.1.1</bucket4j.version>
         <fst.version>2.57</fst.version>
         <antlr.version>2.7.7</antlr.version>
-        <snakeyaml.version>1.25</snakeyaml.version>
+        <snakeyaml.version>1.27</snakeyaml.version>
         <struts.version>1.3.10</struts.version>
         <amazonaws.sqs.version>1.11.747</amazonaws.sqs.version>
         <pubsub.client.version>1.105.0</pubsub.client.version>
@@ -867,11 +867,6 @@
                 <artifactId>spring-boot-starter-security</artifactId>
                 <version>${spring-boot.version}</version>
             </dependency>
-            <dependency>
-                <groupId>org.springframework.cloud</groupId>
-                <artifactId>spring-cloud-starter-oauth2</artifactId>
-                <version>${spring-oauth2.version}</version>
-            </dependency>
             <dependency>
                 <groupId>org.springframework.security</groupId>
                 <artifactId>spring-security-oauth2-client</artifactId>
@@ -1214,6 +1209,11 @@
                 <version>${cassandra-unit.version}</version>
                 <scope>test</scope>
             </dependency>
+            <dependency>
+                <groupId>org.apache.cassandra</groupId>
+                <artifactId>cassandra-all</artifactId>
+                <version>${cassandra-all.version}</version>
+            </dependency>
             <dependency>
                 <groupId>junit</groupId>
                 <artifactId>junit</artifactId>
diff --git a/rule-engine/rule-engine-components/pom.xml b/rule-engine/rule-engine-components/pom.xml
index 00d8101e5a..5bb14db250 100644
--- a/rule-engine/rule-engine-components/pom.xml
+++ b/rule-engine/rule-engine-components/pom.xml
@@ -120,6 +120,11 @@
             <groupId>org.locationtech.jts</groupId>
             <artifactId>jts-core</artifactId>
         </dependency>
+        <dependency>
+            <groupId>com.sun.mail</groupId>
+            <artifactId>javax.mail</artifactId>
+            <scope>provided</scope>
+        </dependency>
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
diff --git a/tools/pom.xml b/tools/pom.xml
index 91bf319b0e..10bfa3cc5b 100644
--- a/tools/pom.xml
+++ b/tools/pom.xml
@@ -54,7 +54,6 @@
         <dependency>
             <groupId>org.apache.cassandra</groupId>
             <artifactId>cassandra-all</artifactId>
-            <version>3.11.6</version>
         </dependency>
         <dependency>
             <groupId>com.datastax.cassandra</groupId>

From 5850fa0cd92ebf8e1deec1bd3875dd3378bae5f8 Mon Sep 17 00:00:00 2001
From: YevhenBondarenko <ybondarenko@thingsboard.io>
Date: Thu, 12 Nov 2020 18:58:07 +0200
Subject: [PATCH 4/5] updated jedis version

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 3495f83971..00968c525a 100755
--- a/pom.xml
+++ b/pom.xml
@@ -40,7 +40,7 @@
         <spring.version>5.3.1</spring.version>
         <spring-security.version>5.4.1</spring-security.version>
         <spring-data-redis.version>2.4.1</spring-data-redis.version>
-        <jedis.version>3.1.0</jedis.version>
+        <jedis.version>3.3.0</jedis.version>
         <jjwt.version>0.7.0</jjwt.version>
         <json-path.version>2.2.0</json-path.version>
         <junit.version>4.12</junit.version>

From 57c14f1c93274f1f4013f3308363f5307a4dde7e Mon Sep 17 00:00:00 2001
From: YevhenBondarenko <ybondarenko@thingsboard.io>
Date: Fri, 13 Nov 2020 10:17:46 +0200
Subject: [PATCH 5/5] changed spring version to 5.2.10.RELEASE

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 00968c525a..03b815635d 100755
--- a/pom.xml
+++ b/pom.xml
@@ -37,7 +37,7 @@
         <pkg.unixLogFolder>/var/log/${pkg.name}</pkg.unixLogFolder>
         <pkg.installFolder>/usr/share/${pkg.name}</pkg.installFolder>
         <spring-boot.version>2.3.5.RELEASE</spring-boot.version>
-        <spring.version>5.3.1</spring.version>
+        <spring.version>5.2.10.RELEASE</spring.version>
         <spring-security.version>5.4.1</spring-security.version>
         <spring-data-redis.version>2.4.1</spring-data-redis.version>
         <jedis.version>3.3.0</jedis.version>