[OAK-7119] Restrict de-serialization mechanism for older serialized cache map in DataStoreCacheUtils to the classes required - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.6.7, 1.7.14
Fix Version/s: 1.6.8, 1.8.0
Component/s: blob-plugins
Labels:
None

Description

We could use the class https://commons.apache.org/proper/commons-io/javadocs/api-2.5/org/apache/commons/io/serialization/ValidatingObjectInputStream.html to restrict de-serialization to the required classes and throw errors in case of others.

Attachments

Activity

People

Assignee:: Amit Jain

Reporter:: Amit Jain

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 03/Jan/18 09:54

Updated:: 12/Jan/18 11:58

Resolved:: 09/Jan/18 04:13