From c74cf3a9c89b517d108dc48337329ad27a858a03 Mon Sep 17 00:00:00 2001
From: yunyezhang-work <yunyezhang_work@163.com>
Date: Tue, 18 Nov 2025 01:42:42 +0800
Subject: [PATCH] Fix the out-of-bounds issue caused by overly long kms keys

---
 .../org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java  | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java b/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java
index cb5739f61d..9f600d544a 100755
--- a/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java
+++ b/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java
@@ -270,7 +270,9 @@ public KeyVersion createKey(String name, byte[] material, Options options)
 		if (dbStore.engineContainsAlias(name) || cache.containsKey(name)) {
 			throw new IOException("Key " + name + " already exists");
 		}
-
+		if(name.length() > 255){
+			throw new IOException("Key " + name + " length exceeds the limit of 255 characters.");
+		}
 		Metadata meta = new Metadata(options.getCipher(),
 				options.getBitLength(), options.getDescription(),
 				options.getAttributes(), new Date(), 1);