[jira] [Resolved] (OAK-7119) Restrict de-serialization mechanism for older serialized cache map in DataStoreCacheUtils to the classes required

Amit Jain (JIRA) Mon, 08 Jan 2018 20:14:27 -0800

     [ 
https://issues.apache.org/jira/browse/OAK-7119?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Amit Jain resolved OAK-7119.
----------------------------
    Resolution: Fixed

> Restrict de-serialization mechanism for older serialized cache map in 
> DataStoreCacheUtils to the classes required
> -----------------------------------------------------------------------------------------------------------------
>
>                 Key: OAK-7119
>                 URL: https://issues.apache.org/jira/browse/OAK-7119
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: blob-plugins
>            Reporter: Amit Jain
>            Assignee: Amit Jain
>              Labels: candidate_oak_1_6
>             Fix For: 1.8.0
>
>
> We could use the class 
> https://commons.apache.org/proper/commons-io/javadocs/api-2.5/org/apache/commons/io/serialization/ValidatingObjectInputStream.html
>  to restrict de-serialization to the required classes and throw errors in 
> case of others.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (OAK-7119) Restrict de-serialization mechanism for older serialized cache map in DataStoreCacheUtils to the classes required

Reply via email to