Package org.openjdk.jmc.common.io

Class ValidatingObjectInputStream

java.lang.Object

java.io.InputStream

java.io.ObjectInputStream

org.openjdk.jmc.common.io.ValidatingObjectInputStream

All Implemented Interfaces:

Closeable, DataInput, ObjectInput, ObjectStreamConstants, AutoCloseable

public class ValidatingObjectInputStream
extends ObjectInputStream

ObjectInputStream that validates the classes and count of objects and bytes read from it.

Reading must be done using the safeRead methods which sets validation parameters before reading. Any attempt to use read methods will be blocked.

See OWASP.

Nested Class Summary

Nested classes/interfaces inherited from class java.io.ObjectInputStream

ObjectInputStream.GetField

Field Summary

Fields inherited from interface java.io.ObjectStreamConstants

baseWireHandle, PROTOCOL_VERSION_1, PROTOCOL_VERSION_2, SC_BLOCK_DATA, SC_ENUM, SC_EXTERNALIZABLE, SC_SERIALIZABLE, SC_WRITE_METHOD, SERIAL_FILTER_PERMISSION, STREAM_MAGIC, STREAM_VERSION, SUBCLASS_IMPLEMENTATION_PERMISSION, SUBSTITUTION_PERMISSION, TC_ARRAY, TC_BASE, TC_BLOCKDATA, TC_BLOCKDATALONG, TC_CLASS, TC_CLASSDESC, TC_ENDBLOCKDATA, TC_ENUM, TC_EXCEPTION, TC_LONGSTRING, TC_MAX, TC_NULL, TC_OBJECT, TC_PROXYCLASSDESC, TC_REFERENCE, TC_RESET, TC_STRING

Method Summary

Modifier and Type	Method	Description
static ValidatingObjectInputStream	build(InputStream in)	Create a new input stream for reading objects.
protected Class<?>	resolveClass(ObjectStreamClass desc)
protected Object	resolveObject(Object obj)
long	safeReadLong()	Update validation parameters and read the next long from the stream.
<T> T	safeReadObject(Class<T> type, Collection<Class<?>> safeClasses, int maxObjects, long maxBytes)	Update validation parameters and read the next object from the stream.

Methods inherited from class java.io.ObjectInputStream

available, close, defaultReadObject, enableResolveObject, getObjectInputFilter, read, read, readBoolean, readByte, readChar, readClassDescriptor, readDouble, readFields, readFloat, readFully, readFully, readInt, readLine, readLong, readObject, readObjectOverride, readShort, readStreamHeader, readUnshared, readUnsignedByte, readUnsignedShort, readUTF, registerValidation, resolveProxyClass, setObjectInputFilter, skipBytes

Methods inherited from class java.io.InputStream

mark, markSupported, nullInputStream, read, readAllBytes, readNBytes, readNBytes, reset, skip, transferTo

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface java.io.ObjectInput

read, skip

Method Detail

build

public static ValidatingObjectInputStream build(InputStream in)
                                         throws IOException

Create a new input stream for reading objects. This stream will be initialized so that no objects are permitted to be read. To read objects you should use safeReadObject(Class, Collection, int, long) which updates the validation parameters before reading.

Parameters:

in - stream to read from

Returns:

a new input stream for reading objects

Throws:

IOException - on I/O error

safeReadObject

public <T> T safeReadObject(Class<T> type,
                            Collection<Class<?>> safeClasses,
                            int maxObjects,
                            long maxBytes)
                     throws ClassNotFoundException,
                            IOException,
                            ClassCastException

Update validation parameters and read the next object from the stream.

Type Parameters:

T - type of returned object

Parameters:

type - Type to return. This type will be whitelisted. If the stored object may be of a subclass to this type then the permitted subclasses must be included in safeClasses.

safeClasses - Collection of whitelisted classes. This must include all classes used within the stored object.

maxObjects - Maximum number of objects to read. This must be large enough to permit valid use, especially for collection objects.

maxBytes - Maximum number of bytes to read from the stream. This must be large enough to permit valid use, especially for collection objects.

Returns:

the object read from the stream

Throws:

IOException - on I/O error

ClassNotFoundException - if the class of the stored object can't be found

ClassCastException - if the object is not of the specified type

safeReadLong

public long safeReadLong()
                  throws IOException

Update validation parameters and read the next long from the stream.

Returns:

the long value read from the stream

Throws:

IOException - on I/O error

resolveObject

protected Object resolveObject(Object obj)
                        throws IOException

Overrides:

resolveObject in class ObjectInputStream

Throws:

IOException

resolveClass

protected Class<?> resolveClass(ObjectStreamClass desc)
                         throws IOException,
                                ClassNotFoundException

Overrides:

resolveClass in class ObjectInputStream

Throws:

IOException

ClassNotFoundException