Package org.openjdk.jmc.common.io

Class ValidatingObjectInputStream

  • All Implemented Interfaces:
    java.io.Closeable, java.io.DataInput, java.io.ObjectInput, java.io.ObjectStreamConstants, java.lang.AutoCloseable
    public class ValidatingObjectInputStream
extends java.io.ObjectInputStream
    ObjectInputStream that validates the classes and count of objects and bytes read from it.

    Reading must be done using the safeRead methods which sets validation parameters before reading. Any attempt to use read methods will be blocked.

    See OWASP.

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      private static class  ValidatingObjectInputStream.LimitedInputStream
      Input stream that limits the amount of data that is permitted to be read.

      • Nested classes/interfaces inherited from class java.io.ObjectInputStream

        java.io.ObjectInputStream.GetField

    • Field Summary

      Fields 
      Modifier and Type Field Description
      private ValidatingObjectInputStream.LimitedInputStream in  
      private int maxObjects  
      private int readObjects  
      private java.util.Collection<java.lang.Class<?>> safeClasses  

      • Fields inherited from interface java.io.ObjectStreamConstants

        baseWireHandle, PROTOCOL_VERSION_1, PROTOCOL_VERSION_2, SC_BLOCK_DATA, SC_ENUM, SC_EXTERNALIZABLE, SC_SERIALIZABLE, SC_WRITE_METHOD, SERIAL_FILTER_PERMISSION, STREAM_MAGIC, STREAM_VERSION, SUBCLASS_IMPLEMENTATION_PERMISSION, SUBSTITUTION_PERMISSION, TC_ARRAY, TC_BASE, TC_BLOCKDATA, TC_BLOCKDATALONG, TC_CLASS, TC_CLASSDESC, TC_ENDBLOCKDATA, TC_ENUM, TC_EXCEPTION, TC_LONGSTRING, TC_MAX, TC_NULL, TC_OBJECT, TC_PROXYCLASSDESC, TC_REFERENCE, TC_RESET, TC_STRING

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static ValidatingObjectInputStream build​(java.io.InputStream in)
      Create a new input stream for reading objects.
      protected java.lang.Class<?> resolveClass​(java.io.ObjectStreamClass desc)  
      protected java.lang.Object resolveObject​(java.lang.Object obj)  
      long safeReadLong()
      Update validation parameters and read the next long from the stream.
      <T> T safeReadObject​(java.lang.Class<T> type, java.util.Collection<java.lang.Class<?>> safeClasses, int maxObjects, long maxBytes)
      Update validation parameters and read the next object from the stream.
      private void updateValidation​(java.util.Collection<java.lang.Class<?>> safeClasses, int maxObjects, long maxBytes)  
      private void zeroValidation()  

      • Methods inherited from class java.io.ObjectInputStream

        available, close, defaultReadObject, enableResolveObject, getObjectInputFilter, read, read, readBoolean, readByte, readChar, readClassDescriptor, readDouble, readFields, readFloat, readFully, readFully, readInt, readLine, readLong, readObject, readObjectOverride, readShort, readStreamHeader, readUnshared, readUnsignedByte, readUnsignedShort, readUTF, registerValidation, resolveProxyClass, setObjectInputFilter, skipBytes

      • Methods inherited from class java.io.InputStream

        mark, markSupported, nullInputStream, read, readAllBytes, readNBytes, readNBytes, reset, skip, transferTo

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

      • Methods inherited from interface java.io.ObjectInput

        read, skip

    • Method Detail

      • build

        public static ValidatingObjectInputStream build​(java.io.InputStream in)
                                         throws java.io.IOException
        Create a new input stream for reading objects. This stream will be initialized so that no objects are permitted to be read. To read objects you should use safeReadObject(Class, Collection, int, long) which updates the validation parameters before reading.
        Parameters:
        in - stream to read from
        Returns:
        a new input stream for reading objects
        Throws:
        java.io.IOException - on I/O error

      • safeReadObject

        public <T> T safeReadObject​(java.lang.Class<T> type,
                            java.util.Collection<java.lang.Class<?>> safeClasses,
                            int maxObjects,
                            long maxBytes)
                     throws java.lang.ClassNotFoundException,
                            java.io.IOException,
                            java.lang.ClassCastException
        Update validation parameters and read the next object from the stream.
        Type Parameters:
        T - type of returned object
        Parameters:
        type - Type to return. This type will be whitelisted. If the stored object may be of a subclass to this type then the permitted subclasses must be included in safeClasses.
        safeClasses - Collection of whitelisted classes. This must include all classes used within the stored object.
        maxObjects - Maximum number of objects to read. This must be large enough to permit valid use, especially for collection objects.
        maxBytes - Maximum number of bytes to read from the stream. This must be large enough to permit valid use, especially for collection objects.
        Returns:
        the object read from the stream
        Throws:
        java.io.IOException - on I/O error
        java.lang.ClassNotFoundException - if the class of the stored object can't be found
        java.lang.ClassCastException - if the object is not of the specified type

      • safeReadLong

        public long safeReadLong()
                  throws java.io.IOException
        Update validation parameters and read the next long from the stream.
        Returns:
        the long value read from the stream
        Throws:
        java.io.IOException - on I/O error

      • updateValidation

        private void updateValidation​(java.util.Collection<java.lang.Class<?>> safeClasses,
                              int maxObjects,
                              long maxBytes)

      • zeroValidation

        private void zeroValidation()

      • resolveObject

        protected java.lang.Object resolveObject​(java.lang.Object obj)
                                  throws java.io.IOException
        Overrides:
        resolveObject in class java.io.ObjectInputStream
        Throws:
        java.io.IOException

      • resolveClass

        protected java.lang.Class<?> resolveClass​(java.io.ObjectStreamClass desc)
                                   throws java.io.IOException,
                                          java.lang.ClassNotFoundException
        Overrides:
        resolveClass in class java.io.ObjectInputStream
        Throws:
        java.io.IOException
        java.lang.ClassNotFoundException