Java Code Examples for sun.misc.ObjectInputFilter#Status

The following examples show how to use sun.misc.ObjectInputFilter#Status . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SerialFilterTest.java    From jdk8u-jdk with GNU General Public License v2.0 7 votes vote down vote up
@Override
public ObjectInputFilter.Status checkInput(FilterInfo filter) {
    count++;
    if (filter.serialClass() != null) {
        if (filter.serialClass().getName().contains("$$Lambda$")) {
            // TBD: proper identification of serialized Lambdas?
            // Fold the serialized Lambda into the SerializedLambda type
            classes.add(SerializedLambda.class);
        } else if (Proxy.isProxyClass(filter.serialClass())) {
            classes.add(Proxy.class);
        } else {
            classes.add(filter.serialClass());
        }

    }
    this.maxArray = Math.max(this.maxArray, filter.arrayLength());
    this.maxRefs = Math.max(this.maxRefs, filter.references());
    this.maxDepth = Math.max(this.maxDepth, filter.depth());
    this.maxBytes = Math.max(this.maxBytes, filter.streamBytes());
    return ObjectInputFilter.Status.UNDECIDED;
}
 
Example 2
Source File: JceKeyStore.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
@Override
public ObjectInputFilter.Status
    checkInput(ObjectInputFilter.FilterInfo info) {

    // First run a custom filter
    long nestedDepth = info.depth();
    if ((nestedDepth == 1 &&
                info.serialClass() != SealedObjectForKeyProtector.class) ||
            info.arrayLength() > fullLength ||
            (nestedDepth > MAX_NESTED_DEPTH &&
                info.serialClass() != null &&
                info.serialClass() != Object.class)) {
        return Status.REJECTED;
    }

    // Next run the default filter, if available
    ObjectInputFilter defaultFilter =
        ObjectInputFilter.Config.getSerialFilter();
    if (defaultFilter != null) {
        return defaultFilter.checkInput(info);
    }

    return Status.UNDECIDED;
}
 
Example 3
Source File: JceKeyStore.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
@Override
public ObjectInputFilter.Status
    checkInput(ObjectInputFilter.FilterInfo info) {

    // First run a custom filter
    long nestedDepth = info.depth();
    if ((nestedDepth == 1 &&
                info.serialClass() != SealedObjectForKeyProtector.class) ||
            (nestedDepth > MAX_NESTED_DEPTH &&
                info.serialClass() != null &&
                info.serialClass() != Object.class)) {
        return Status.REJECTED;
    }

    // Next run the default filter, if available
    ObjectInputFilter defaultFilter =
        ObjectInputFilter.Config.getSerialFilter();
    if (defaultFilter != null) {
        return defaultFilter.checkInput(info);
    }

    return Status.UNDECIDED;
}
 
Example 4
Source File: SerialFilterTest.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
@Override
public ObjectInputFilter.Status checkInput(FilterInfo filter) {
    Class<?> serialClass = filter.serialClass();
    System.out.printf("     checkInput: class: %s, arrayLen: %d, refs: %d, depth: %d, bytes; %d%n",
            serialClass, filter.arrayLength(), filter.references(),
            filter.depth(), filter.streamBytes());
    count++;
    if (serialClass != null) {
        if (serialClass.getName().contains("$$Lambda$")) {
            // TBD: proper identification of serialized Lambdas?
            // Fold the serialized Lambda into the SerializedLambda type
            classes.add(SerializedLambda.class);
        } else if (Proxy.isProxyClass(serialClass)) {
            classes.add(Proxy.class);
        } else {
            classes.add(serialClass);
        }

    }
    this.maxArray = Math.max(this.maxArray, filter.arrayLength());
    this.maxRefs = Math.max(this.maxRefs, filter.references());
    this.maxDepth = Math.max(this.maxDepth, filter.depth());
    this.maxBytes = Math.max(this.maxBytes, filter.streamBytes());
    return ObjectInputFilter.Status.UNDECIDED;
}
 
Example 5
Source File: SerialFilterTest.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
@Override
public ObjectInputFilter.Status checkInput(FilterInfo filter) {
    if (ReadResolveToArray.class.isAssignableFrom(filter.serialClass())) {
        return ObjectInputFilter.Status.ALLOWED;
    }
    if (filter.serialClass() != array.getClass() ||
            (filter.arrayLength() >= 0 && filter.arrayLength() != length)) {
        return ObjectInputFilter.Status.REJECTED;
    }
    return ObjectInputFilter.Status.UNDECIDED;
}
 
Example 6
Source File: ObjectInputStream.java    From JDKSourceCode1.8 with MIT License 5 votes vote down vote up
/**
 * Invoke the serialization filter if non-null.
 * If the filter rejects or an exception is thrown, throws InvalidClassException.
 *
 * @param clazz the class; may be null
 * @param arrayLength the array length requested; use {@code -1} if not creating an array
 * @throws InvalidClassException if it rejected by the filter or
 *        a {@link RuntimeException} is thrown
 */
private void filterCheck(Class<?> clazz, int arrayLength)
        throws InvalidClassException {
    if (serialFilter != null) {
        RuntimeException ex = null;
        ObjectInputFilter.Status status;
        // Info about the stream is not available if overridden by subclass, return 0
        long bytesRead = (bin == null) ? 0 : bin.getBytesRead();
        try {
            status = serialFilter.checkInput(new FilterValues(clazz, arrayLength,
                    totalObjectRefs, depth, bytesRead));
        } catch (RuntimeException e) {
            // Preventive interception of an exception to log
            status = ObjectInputFilter.Status.REJECTED;
            ex = e;
        }
        if (status == null  ||
                status == ObjectInputFilter.Status.REJECTED) {
            // Debug logging of filter checks that fail
            if (Logging.infoLogger != null) {
                Logging.infoLogger.info(
                        "ObjectInputFilter {0}: {1}, array length: {2}, nRefs: {3}, depth: {4}, bytes: {5}, ex: {6}",
                        status, clazz, arrayLength, totalObjectRefs, depth, bytesRead,
                        Objects.toString(ex, "n/a"));
            }
            InvalidClassException ice = new InvalidClassException("filter status: " + status);
            ice.initCause(ex);
            throw ice;
        } else {
            // Trace logging for those that succeed
            if (Logging.traceLogger != null) {
                Logging.traceLogger.finer(
                        "ObjectInputFilter {0}: {1}, array length: {2}, nRefs: {3}, depth: {4}, bytes: {5}, ex: {6}",
                        status, clazz, arrayLength, totalObjectRefs, depth, bytesRead,
                        Objects.toString(ex, "n/a"));
            }
        }
    }
}
 
Example 7
Source File: DGCImpl_Stub.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
/**
 * ObjectInputFilter to filter DGCClient return value (a Lease).
 * The list of acceptable classes is very short and explicit.
 * The depth and array sizes are limited.
 * <p>
 * The filter must accept normal and exception returns.
 * A DGC server may throw exceptions that may have a cause
 * and suppressed exceptions.
 *
 * @param filterInfo access to class, arrayLength, etc.
 * @return  {@link ObjectInputFilter.Status#ALLOWED} if allowed,
 *          {@link ObjectInputFilter.Status#REJECTED} if rejected,
 *          otherwise {@link ObjectInputFilter.Status#UNDECIDED}
 */
private static ObjectInputFilter.Status leaseFilter(ObjectInputFilter.FilterInfo filterInfo) {

    if (filterInfo.depth() > DGCCLIENT_MAX_DEPTH) {
        return ObjectInputFilter.Status.REJECTED;
    }
    Class<?> clazz = filterInfo.serialClass();
    if (clazz != null) {
        while (clazz.isArray()) {
            if (filterInfo.arrayLength() >= 0 && filterInfo.arrayLength() > DGCCLIENT_MAX_ARRAY_SIZE) {
                return ObjectInputFilter.Status.REJECTED;
            }
            // Arrays are allowed depending on the component type
            clazz = clazz.getComponentType();
        }
        if (clazz.isPrimitive()) {
            // Arrays of primitives are allowed
            return ObjectInputFilter.Status.ALLOWED;
        }
        return (clazz == UID.class ||
                clazz == VMID.class ||
                clazz == Lease.class ||
                (Throwable.class.isAssignableFrom(clazz) &&
                        clazz.getClassLoader() ==
                        Object.class.getClassLoader()) ||
                clazz == StackTraceElement.class ||
                clazz == ArrayList.class ||     // for suppressed exceptions, if any
                clazz == Object.class ||
                clazz.getName().equals("java.util.Collections$UnmodifiableList") ||
                clazz.getName().equals("java.util.Collections$UnmodifiableCollection") ||
                clazz.getName().equals("java.util.Collections$UnmodifiableRandomAccessList"))
                ? ObjectInputFilter.Status.ALLOWED
                : ObjectInputFilter.Status.REJECTED;
    }
    // Not a class, not size limited
    return ObjectInputFilter.Status.UNDECIDED;
}
 
Example 8
Source File: RegistryImpl.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * ObjectInputFilter to filter Registry input objects.
 * The list of acceptable classes is limited to classes normally
 * stored in a registry.
 *
 * @param filterInfo access to the class, array length, etc.
 * @return  {@link ObjectInputFilter.Status#ALLOWED} if allowed,
 *          {@link ObjectInputFilter.Status#REJECTED} if rejected,
 *          otherwise {@link ObjectInputFilter.Status#UNDECIDED}
 */
private static ObjectInputFilter.Status registryFilter(ObjectInputFilter.FilterInfo filterInfo) {
    if (registryFilter != null) {
        ObjectInputFilter.Status status = registryFilter.checkInput(filterInfo);
        if (status != ObjectInputFilter.Status.UNDECIDED) {
            // The Registry filter can override the built-in white-list
            return status;
        }
    }

    if (filterInfo.depth() > REGISTRY_MAX_DEPTH) {
        return ObjectInputFilter.Status.REJECTED;
    }
    Class<?> clazz = filterInfo.serialClass();
    if (clazz != null) {
        if (clazz.isArray()) {
            // Arrays are REJECTED only if they exceed the limit
            return (filterInfo.arrayLength() >= 0 && filterInfo.arrayLength() > REGISTRY_MAX_ARRAY_SIZE)
                ? ObjectInputFilter.Status.REJECTED
                : ObjectInputFilter.Status.UNDECIDED;
        }
        if (String.class == clazz
                || java.lang.Number.class.isAssignableFrom(clazz)
                || Remote.class.isAssignableFrom(clazz)
                || java.lang.reflect.Proxy.class.isAssignableFrom(clazz)
                || UnicastRef.class.isAssignableFrom(clazz)
                || RMIClientSocketFactory.class.isAssignableFrom(clazz)
                || RMIServerSocketFactory.class.isAssignableFrom(clazz)
                || java.rmi.activation.ActivationID.class.isAssignableFrom(clazz)
                || java.rmi.server.UID.class.isAssignableFrom(clazz)) {
            return ObjectInputFilter.Status.ALLOWED;
        } else {
            return ObjectInputFilter.Status.REJECTED;
        }
    }
    return ObjectInputFilter.Status.UNDECIDED;
}
 
Example 9
Source File: ObjectInputStream.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Invoke the serialization filter if non-null.
 * If the filter rejects or an exception is thrown, throws InvalidClassException.
 *
 * @param clazz the class; may be null
 * @param arrayLength the array length requested; use {@code -1} if not creating an array
 * @throws InvalidClassException if it rejected by the filter or
 *        a {@link RuntimeException} is thrown
 */
private void filterCheck(Class<?> clazz, int arrayLength)
        throws InvalidClassException {
    if (serialFilter != null) {
        RuntimeException ex = null;
        ObjectInputFilter.Status status;
        // Info about the stream is not available if overridden by subclass, return 0
        long bytesRead = (bin == null) ? 0 : bin.getBytesRead();
        try {
            status = serialFilter.checkInput(new FilterValues(clazz, arrayLength,
                    totalObjectRefs, depth, bytesRead));
        } catch (RuntimeException e) {
            // Preventive interception of an exception to log
            status = ObjectInputFilter.Status.REJECTED;
            ex = e;
        }
        if (status == null  ||
                status == ObjectInputFilter.Status.REJECTED) {
            // Debug logging of filter checks that fail
            if (Logging.infoLogger != null) {
                Logging.infoLogger.info(
                        "ObjectInputFilter {0}: {1}, array length: {2}, nRefs: {3}, depth: {4}, bytes: {5}, ex: {6}",
                        status, clazz, arrayLength, totalObjectRefs, depth, bytesRead,
                        Objects.toString(ex, "n/a"));
            }
            InvalidClassException ice = new InvalidClassException("filter status: " + status);
            ice.initCause(ex);
            throw ice;
        } else {
            // Trace logging for those that succeed
            if (Logging.traceLogger != null) {
                Logging.traceLogger.finer(
                        "ObjectInputFilter {0}: {1}, array length: {2}, nRefs: {3}, depth: {4}, bytes: {5}, ex: {6}",
                        status, clazz, arrayLength, totalObjectRefs, depth, bytesRead,
                        Objects.toString(ex, "n/a"));
            }
        }
    }
}
 
Example 10
Source File: SingleEntryRegistry.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * ObjectInputFilter to check parameters to SingleEntryRegistry.
 * Since it is a read-only Registry, no classes are accepted.
 * String arguments are accepted without passing them to the serialFilter.
 *
 * @param info a reference to the serialization filter information
 * @return Status.REJECTED if parameters are out of range
 */
private static ObjectInputFilter.Status singleRegistryFilter(ObjectInputFilter.FilterInfo info) {
    return (info.serialClass() != null ||
            info.depth() > 2 ||
            info.references() > 4 ||
            info.arrayLength() >= 0)
    ? ObjectInputFilter.Status.REJECTED
    : ObjectInputFilter.Status.ALLOWED;
}
 
Example 11
Source File: ObjectInputStream.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Invoke the serialization filter if non-null.
 * If the filter rejects or an exception is thrown, throws InvalidClassException.
 *
 * @param clazz the class; may be null
 * @param arrayLength the array length requested; use {@code -1} if not creating an array
 * @throws InvalidClassException if it rejected by the filter or
 *        a {@link RuntimeException} is thrown
 */
private void filterCheck(Class<?> clazz, int arrayLength)
        throws InvalidClassException {
    if (serialFilter != null) {
        RuntimeException ex = null;
        ObjectInputFilter.Status status;
        // Info about the stream is not available if overridden by subclass, return 0
        long bytesRead = (bin == null) ? 0 : bin.getBytesRead();
        try {
            status = serialFilter.checkInput(new FilterValues(clazz, arrayLength,
                    totalObjectRefs, depth, bytesRead));
        } catch (RuntimeException e) {
            // Preventive interception of an exception to log
            status = ObjectInputFilter.Status.REJECTED;
            ex = e;
        }
        if (status == null  ||
                status == ObjectInputFilter.Status.REJECTED) {
            // Debug logging of filter checks that fail
            if (Logging.infoLogger != null) {
                Logging.infoLogger.info(
                        "ObjectInputFilter {0}: {1}, array length: {2}, nRefs: {3}, depth: {4}, bytes: {5}, ex: {6}",
                        status, clazz, arrayLength, totalObjectRefs, depth, bytesRead,
                        Objects.toString(ex, "n/a"));
            }
            InvalidClassException ice = new InvalidClassException("filter status: " + status);
            ice.initCause(ex);
            throw ice;
        } else {
            // Trace logging for those that succeed
            if (Logging.traceLogger != null) {
                Logging.traceLogger.finer(
                        "ObjectInputFilter {0}: {1}, array length: {2}, nRefs: {3}, depth: {4}, bytes: {5}, ex: {6}",
                        status, clazz, arrayLength, totalObjectRefs, depth, bytesRead,
                        Objects.toString(ex, "n/a"));
            }
        }
    }
}
 
Example 12
Source File: DGCImpl.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * ObjectInputFilter to filter DGC input objects.
 * The list of acceptable classes is very short and explicit.
 * The depth and array sizes are limited.
 *
 * @param filterInfo access to class, arrayLength, etc.
 * @return  {@link ObjectInputFilter.Status#ALLOWED} if allowed,
 *          {@link ObjectInputFilter.Status#REJECTED} if rejected,
 *          otherwise {@link ObjectInputFilter.Status#UNDECIDED}
 */
private static ObjectInputFilter.Status checkInput(ObjectInputFilter.FilterInfo filterInfo) {
    if (dgcFilter != null) {
        ObjectInputFilter.Status status = dgcFilter.checkInput(filterInfo);
        if (status != ObjectInputFilter.Status.UNDECIDED) {
            // The DGC filter can override the built-in white-list
            return status;
        }
    }

    if (filterInfo.depth() > DGC_MAX_DEPTH) {
        return ObjectInputFilter.Status.REJECTED;
    }
    Class<?> clazz = filterInfo.serialClass();
    if (clazz != null) {
        while (clazz.isArray()) {
            if (filterInfo.arrayLength() >= 0 && filterInfo.arrayLength() > DGC_MAX_ARRAY_SIZE) {
                return ObjectInputFilter.Status.REJECTED;
            }
            // Arrays are allowed depending on the component type
            clazz = clazz.getComponentType();
        }
        if (clazz.isPrimitive()) {
            // Arrays of primitives are allowed
            return ObjectInputFilter.Status.ALLOWED;
        }
        return (clazz == ObjID.class ||
                clazz == UID.class ||
                clazz == VMID.class ||
                clazz == Lease.class)
                ? ObjectInputFilter.Status.ALLOWED
                : ObjectInputFilter.Status.REJECTED;
    }
    // Not a class, not size limited
    return ObjectInputFilter.Status.UNDECIDED;
}
 
Example 13
Source File: ObjectInputStream.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Invoke the serialization filter if non-null.
 * If the filter rejects or an exception is thrown, throws InvalidClassException.
 *
 * @param clazz the class; may be null
 * @param arrayLength the array length requested; use {@code -1} if not creating an array
 * @throws InvalidClassException if it rejected by the filter or
 *        a {@link RuntimeException} is thrown
 */
private void filterCheck(Class<?> clazz, int arrayLength)
        throws InvalidClassException {
    if (serialFilter != null) {
        RuntimeException ex = null;
        ObjectInputFilter.Status status;
        // Info about the stream is not available if overridden by subclass, return 0
        long bytesRead = (bin == null) ? 0 : bin.getBytesRead();
        try {
            status = serialFilter.checkInput(new FilterValues(clazz, arrayLength,
                    totalObjectRefs, depth, bytesRead));
        } catch (RuntimeException e) {
            // Preventive interception of an exception to log
            status = ObjectInputFilter.Status.REJECTED;
            ex = e;
        }
        if (status == null  ||
                status == ObjectInputFilter.Status.REJECTED) {
            // Debug logging of filter checks that fail
            if (Logging.infoLogger != null) {
                Logging.infoLogger.info(
                        "ObjectInputFilter {0}: {1}, array length: {2}, nRefs: {3}, depth: {4}, bytes: {5}, ex: {6}",
                        status, clazz, arrayLength, totalObjectRefs, depth, bytesRead,
                        Objects.toString(ex, "n/a"));
            }
            InvalidClassException ice = new InvalidClassException("filter status: " + status);
            ice.initCause(ex);
            throw ice;
        } else {
            // Trace logging for those that succeed
            if (Logging.traceLogger != null) {
                Logging.traceLogger.finer(
                        "ObjectInputFilter {0}: {1}, array length: {2}, nRefs: {3}, depth: {4}, bytes: {5}, ex: {6}",
                        status, clazz, arrayLength, totalObjectRefs, depth, bytesRead,
                        Objects.toString(ex, "n/a"));
            }
        }
    }
}
 
Example 14
Source File: SealedObjectForKeyProtector.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
@Override
public ObjectInputFilter.Status checkInput(
        ObjectInputFilter.FilterInfo info) {

    if (info.arrayLength() > maxLength) {
        return Status.REJECTED;
    }

    if (info.serialClass() == Object.class) {
        return Status.UNDECIDED;
    }

    if (OWN_FILTER != null) {
        Status result = OWN_FILTER.checkInput(info);
        if (result != Status.UNDECIDED) {
            return result;
        }
    }

    ObjectInputFilter defaultFilter =
            ObjectInputFilter.Config.getSerialFilter();
    if (defaultFilter != null) {
        return defaultFilter.checkInput(info);
    }

    return Status.UNDECIDED;
}
 
Example 15
Source File: RegistryImpl.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
/**
 * ObjectInputFilter to filter Registry input objects.
 * The list of acceptable classes is limited to classes normally
 * stored in a registry.
 *
 * @param filterInfo access to the class, array length, etc.
 * @return  {@link ObjectInputFilter.Status#ALLOWED} if allowed,
 *          {@link ObjectInputFilter.Status#REJECTED} if rejected,
 *          otherwise {@link ObjectInputFilter.Status#UNDECIDED}
 */
private static ObjectInputFilter.Status registryFilter(ObjectInputFilter.FilterInfo filterInfo) {
    if (registryFilter != null) {
        ObjectInputFilter.Status status = registryFilter.checkInput(filterInfo);
        if (status != ObjectInputFilter.Status.UNDECIDED) {
            // The Registry filter can override the built-in white-list
            return status;
        }
    }

    if (filterInfo.depth() > REGISTRY_MAX_DEPTH) {
        return ObjectInputFilter.Status.REJECTED;
    }
    Class<?> clazz = filterInfo.serialClass();
    if (clazz != null) {
        if (clazz.isArray()) {
            // Arrays are REJECTED only if they exceed the limit
            return (filterInfo.arrayLength() >= 0 && filterInfo.arrayLength() > REGISTRY_MAX_ARRAY_SIZE)
                ? ObjectInputFilter.Status.REJECTED
                : ObjectInputFilter.Status.UNDECIDED;
        }
        if (String.class == clazz
                || java.lang.Number.class.isAssignableFrom(clazz)
                || Remote.class.isAssignableFrom(clazz)
                || java.lang.reflect.Proxy.class.isAssignableFrom(clazz)
                || UnicastRef.class.isAssignableFrom(clazz)
                || RMIClientSocketFactory.class.isAssignableFrom(clazz)
                || RMIServerSocketFactory.class.isAssignableFrom(clazz)
                || java.rmi.activation.ActivationID.class.isAssignableFrom(clazz)
                || java.rmi.server.UID.class.isAssignableFrom(clazz)) {
            return ObjectInputFilter.Status.ALLOWED;
        } else {
            return ObjectInputFilter.Status.REJECTED;
        }
    }
    return ObjectInputFilter.Status.UNDECIDED;
}
 
Example 16
Source File: SealedObjectForKeyProtector.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
@Override
public ObjectInputFilter.Status checkInput(
        ObjectInputFilter.FilterInfo info) {

    if (info.arrayLength() > maxLength) {
        return Status.REJECTED;
    }

    if (info.serialClass() == Object.class) {
        return Status.UNDECIDED;
    }

    if (OWN_FILTER != null) {
        Status result = OWN_FILTER.checkInput(info);
        if (result != Status.UNDECIDED) {
            return result;
        }
    }

    ObjectInputFilter defaultFilter =
            ObjectInputFilter.Config.getSerialFilter();
    if (defaultFilter != null) {
        return defaultFilter.checkInput(info);
    }

    return Status.UNDECIDED;
}
 
Example 17
Source File: DGCImpl.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * ObjectInputFilter to filter DGC input objects.
 * The list of acceptable classes is very short and explicit.
 * The depth and array sizes are limited.
 *
 * @param filterInfo access to class, arrayLength, etc.
 * @return  {@link ObjectInputFilter.Status#ALLOWED} if allowed,
 *          {@link ObjectInputFilter.Status#REJECTED} if rejected,
 *          otherwise {@link ObjectInputFilter.Status#UNDECIDED}
 */
private static ObjectInputFilter.Status checkInput(ObjectInputFilter.FilterInfo filterInfo) {
    if (dgcFilter != null) {
        ObjectInputFilter.Status status = dgcFilter.checkInput(filterInfo);
        if (status != ObjectInputFilter.Status.UNDECIDED) {
            // The DGC filter can override the built-in white-list
            return status;
        }
    }

    if (filterInfo.depth() > DGC_MAX_DEPTH) {
        return ObjectInputFilter.Status.REJECTED;
    }
    Class<?> clazz = filterInfo.serialClass();
    if (clazz != null) {
        while (clazz.isArray()) {
            if (filterInfo.arrayLength() >= 0 && filterInfo.arrayLength() > DGC_MAX_ARRAY_SIZE) {
                return ObjectInputFilter.Status.REJECTED;
            }
            // Arrays are allowed depending on the component type
            clazz = clazz.getComponentType();
        }
        if (clazz.isPrimitive()) {
            // Arrays of primitives are allowed
            return ObjectInputFilter.Status.ALLOWED;
        }
        return (clazz == ObjID.class ||
                clazz == UID.class ||
                clazz == VMID.class ||
                clazz == Lease.class)
                ? ObjectInputFilter.Status.ALLOWED
                : ObjectInputFilter.Status.REJECTED;
    }
    // Not a class, not size limited
    return ObjectInputFilter.Status.UNDECIDED;
}
 
Example 18
Source File: DGCImpl_Stub.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * ObjectInputFilter to filter DGCClient return value (a Lease).
 * The list of acceptable classes is very short and explicit.
 * The depth and array sizes are limited.
 * <p>
 * The filter must accept normal and exception returns.
 * A DGC server may throw exceptions that may have a cause
 * and suppressed exceptions.
 *
 * @param filterInfo access to class, arrayLength, etc.
 * @return  {@link ObjectInputFilter.Status#ALLOWED} if allowed,
 *          {@link ObjectInputFilter.Status#REJECTED} if rejected,
 *          otherwise {@link ObjectInputFilter.Status#UNDECIDED}
 */
private static ObjectInputFilter.Status leaseFilter(ObjectInputFilter.FilterInfo filterInfo) {

    if (filterInfo.depth() > DGCCLIENT_MAX_DEPTH) {
        return ObjectInputFilter.Status.REJECTED;
    }
    Class<?> clazz = filterInfo.serialClass();
    if (clazz != null) {
        while (clazz.isArray()) {
            if (filterInfo.arrayLength() >= 0 && filterInfo.arrayLength() > DGCCLIENT_MAX_ARRAY_SIZE) {
                return ObjectInputFilter.Status.REJECTED;
            }
            // Arrays are allowed depending on the component type
            clazz = clazz.getComponentType();
        }
        if (clazz.isPrimitive()) {
            // Arrays of primitives are allowed
            return ObjectInputFilter.Status.ALLOWED;
        }
        return (clazz == UID.class ||
                clazz == VMID.class ||
                clazz == Lease.class ||
                (Throwable.class.isAssignableFrom(clazz) &&
                        clazz.getClassLoader() ==
                        Object.class.getClassLoader()) ||
                clazz == StackTraceElement.class ||
                clazz == ArrayList.class ||     // for suppressed exceptions, if any
                clazz == Object.class ||
                clazz.getName().equals("java.util.Collections$UnmodifiableList") ||
                clazz.getName().equals("java.util.Collections$UnmodifiableCollection") ||
                clazz.getName().equals("java.util.Collections$UnmodifiableRandomAccessList"))
                ? ObjectInputFilter.Status.ALLOWED
                : ObjectInputFilter.Status.REJECTED;
    }
    // Not a class, not size limited
    return ObjectInputFilter.Status.UNDECIDED;
}
 
Example 19
Source File: ObjectInputStream.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Invoke the serialization filter if non-null.
 * If the filter rejects or an exception is thrown, throws InvalidClassException.
 *
 * @param clazz the class; may be null
 * @param arrayLength the array length requested; use {@code -1} if not creating an array
 * @throws InvalidClassException if it rejected by the filter or
 *        a {@link RuntimeException} is thrown
 */
private void filterCheck(Class<?> clazz, int arrayLength)
        throws InvalidClassException {
    if (serialFilter != null) {
        RuntimeException ex = null;
        ObjectInputFilter.Status status;
        // Info about the stream is not available if overridden by subclass, return 0
        long bytesRead = (bin == null) ? 0 : bin.getBytesRead();
        try {
            status = serialFilter.checkInput(new FilterValues(clazz, arrayLength,
                    totalObjectRefs, depth, bytesRead));
        } catch (RuntimeException e) {
            // Preventive interception of an exception to log
            status = ObjectInputFilter.Status.REJECTED;
            ex = e;
        }
        if (status == null  ||
                status == ObjectInputFilter.Status.REJECTED) {
            // Debug logging of filter checks that fail
            if (Logging.infoLogger != null) {
                Logging.infoLogger.info(
                        "ObjectInputFilter {0}: {1}, array length: {2}, nRefs: {3}, depth: {4}, bytes: {5}, ex: {6}",
                        status, clazz, arrayLength, totalObjectRefs, depth, bytesRead,
                        Objects.toString(ex, "n/a"));
            }
            InvalidClassException ice = new InvalidClassException("filter status: " + status);
            ice.initCause(ex);
            throw ice;
        } else {
            // Trace logging for those that succeed
            if (Logging.traceLogger != null) {
                Logging.traceLogger.finer(
                        "ObjectInputFilter {0}: {1}, array length: {2}, nRefs: {3}, depth: {4}, bytes: {5}, ex: {6}",
                        status, clazz, arrayLength, totalObjectRefs, depth, bytesRead,
                        Objects.toString(ex, "n/a"));
            }
        }
    }
}
 
Example 20
Source File: MOFilterTest.java    From dragonwell8_jdk with GNU General Public License v2.0 2 votes vote down vote up
/**
 * Filter that rejects class Integer and allows others
 *
 * @param filterInfo access to the class, arrayLength, etc.
 * @return {@code STATUS.REJECTED}
 */
public ObjectInputFilter.Status checkInput(FilterInfo filterInfo) {
    count++;
    return ObjectInputFilter.Status.ALLOWED;
}