Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-14095

Replace Java serialization with Javabin in Overseer operations

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 8.5, 9.0
    • None
    • None

    Description

      Removing the use of serialization is greatly preferred.

      But if serialization over the wire must really happen, then we must use JDK's serialization filtering capability to prevent havoc.
      https://docs.oracle.com/javase/10/core/serialization-filtering1.htm#JSCOR-GUID-3ECB288D-E5BD-4412-892F-E9BB11D4C98A

      Attachments

        1. SOLR-14095-json.patch
          29 kB
          Tomas Eduardo Fernandez Lobbe
        2. json-nl.patch
          4 kB
          Noble Paul

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. SOLR-14219 OverseerSolrResponse's serialVersionUID has changed

          • Major - Major loss of function.
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. SOLR-15718 Remove backcompat feature solr.useUnsafeOverseerResponse

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. SOLR-14117 remove java serialization from AnalyticsShardResponseParser.java

          • Major - Major loss of function.
          • Open

          Task - A task that needs to be done. LUCENE-9094 Ban ObjectInputStream and ObjectOutputStream in forbidden-apis

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #1095

          Activity

            People

              tflobbe Tomas Eduardo Fernandez Lobbe
              rcmuir Robert Muir
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h 20m
                  1h 20m