Download
Getting Started
Members
Projects
Community
Marketplace
Events
Planet Eclipse
Newsletter
Videos
Participate
Report a Bug
Forums
Mailing Lists
Wiki
IRC
How to Contribute
Working Groups
Automotive
Internet of Things
LocationTech
Long-Term Support
PolarSys
Science
OpenMDM
More
Community
Marketplace
Events
Planet Eclipse
Newsletter
Videos
Participate
Report a Bug
Forums
Mailing Lists
Wiki
IRC
How to Contribute
Working Groups
Automotive
Internet of Things
LocationTech
Long-Term Support
PolarSys
Science
OpenMDM
Toggle navigation
Bugzilla – Attachment 281337 Details for
Bug 558633
Deserialization issues
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
Terms of Use
|
Copyright Agent
[patch]
Validate classes
558633.patch (text/plain), 12.26 KB, created by
Andrew Johnson
on 2019-12-26 06:11:47 EST
(
hide
)
Description:
Validate classes
Filename:
MIME Type:
Creator:
Andrew Johnson
Created:
2019-12-26 06:11:47 EST
Size:
12.26 KB
patch
obsolete
>diff --git a/plugins/org.eclipse.mat.parser/src/org/eclipse/mat/parser/internal/SnapshotImpl.java b/plugins/org.eclipse.mat.parser/src/org/eclipse/mat/parser/internal/SnapshotImpl.java >index 3622d0f..67d8fbd 100644 >--- a/plugins/org.eclipse.mat.parser/src/org/eclipse/mat/parser/internal/SnapshotImpl.java >+++ b/plugins/org.eclipse.mat.parser/src/org/eclipse/mat/parser/internal/SnapshotImpl.java >@@ -17,8 +17,10 @@ > import java.io.FileInputStream; > import java.io.FileOutputStream; > import java.io.IOException; >+import java.io.InvalidClassException; > import java.io.ObjectInputStream; > import java.io.ObjectOutputStream; >+import java.io.ObjectStreamClass; > import java.util.ArrayList; > import java.util.Arrays; > import java.util.Collection; >@@ -102,7 +104,75 @@ > File indexFile = new File(prefix + "index"); //$NON-NLS-1$ > fis = new FileInputStream(indexFile); > listener.worked(1); >- ObjectInputStream in = new ObjectInputStream(new BufferedInputStream(fis)); >+ /** >+ * Classes deserialized: >+ * org.eclipse.mat.parser.model.XSnapshotInfo >+ * org.eclipse.mat.parser.model.AbstractObjectImpl >+ * org.eclipse.mat.parser.model.XGCRootInfo >+ * org.eclipse.mat.parser.model.ClassImpl >+ * [Lorg.eclipse.mat.parser.model.XGCRootInfo >+ * org.eclipse.mat.parser.model.XGCRootInfo >+ * >+ * org.eclipse.mat.snapshot.SnapshotInfo >+ * org.eclipse.mat.snapshot.UnreachableObjectsHistogram >+ * >+ * org.eclipse.mat.snapshot.model.GCRootInfo >+ * org.eclipse.mat.snapshot.model.FieldDescriptor >+ * org.eclipse.mat.snapshot.model.Field >+ * [Lorg.eclipse.mat.snapshot.model.FieldDescriptor >+ * [Lorg.eclipse.mat.snapshot.model.Field >+ * org.eclipse.mat.snapshot.model.ObjectReference >+ * >+ * org.eclipse.mat.collect.HashMapIntObject >+ * org.eclipse.mat.collect.BitField >+ * >+ * java.util.ArrayList: >+ * java.util.Date >+ * java.util.HashMap >+ * >+ * java.lang.Boolean >+ * java.lang.Long >+ * java.lang.Number >+ * java.lang.Byte >+ * java.lang.Short >+ * java.lang.Character >+ * java.lang.Double >+ * java.lang.Float >+ * [I >+ * >+ */ >+ ObjectInputStream in = new ObjectInputStream(new BufferedInputStream(fis)) { >+ @Override >+ protected Class<?> resolveClass(ObjectStreamClass desc) throws IOException, ClassNotFoundException { >+ // similar to system property jdk.serialFilter >+ String match="java.lang.*;java.util.*;org.eclipse.mat.parser.model.*;org.eclipse.mat.snapshot.*;org.eclipse.mat.snapshot.model.*;org.eclipse.mat.collect.*;!*"; //$NON-NLS-1$ >+ String nm = desc.getName(); >+ if (!nm.startsWith("[")) //$NON-NLS-1$ >+ { >+ for (String pt : match.split(";")) //$NON-NLS-1$ >+ { >+ boolean not = pt.startsWith("!"); //$NON-NLS-1$ >+ if (not) >+ pt = pt.substring(1); >+ boolean m; >+ if (pt.endsWith(".**")) //$NON-NLS-1$ >+ m = nm.startsWith(pt.substring(0, pt.length() - 2)); >+ else if (pt.endsWith(".*")) //$NON-NLS-1$ >+ m = nm.startsWith(pt.substring(0, pt.length() - 1)) >+ && !nm.substring(pt.length() - 1).contains("."); //$NON-NLS-1$ >+ else if (pt.endsWith("*")) //$NON-NLS-1$ >+ m = nm.startsWith(pt.substring(0, pt.length() - 1)); >+ else >+ m = nm.equals(pt); >+ if (not && m) >+ throw new InvalidClassException(nm, match); >+ if (m) >+ break; >+ } >+ } >+ return super.resolveClass(desc); >+ } >+ }; > > String version = in.readUTF(); > if (!VERSION.equals(version)) >@@ -155,12 +225,26 @@ > } > > IndexManager indexManager = new IndexManager(); >- indexManager.init(prefix); >+ boolean done = false; >+ try >+ { >+ indexManager.init(prefix); > >- SnapshotImpl ret = new SnapshotImpl(snapshotInfo, heapObjectReader, classCache, roots, rootsPerThread, loaderLabels, >- arrayObjects, indexManager); >- listener.worked(3); >- return ret; >+ SnapshotImpl ret = new SnapshotImpl(snapshotInfo, heapObjectReader, classCache, roots, rootsPerThread, loaderLabels, >+ arrayObjects, indexManager); >+ listener.worked(3); >+ done = true; >+ >+ return ret; >+ } >+ finally >+ { >+ if (!done) >+ { >+ // Close files on error to allow delete >+ indexManager.close(); >+ } >+ } > } > catch (ClassNotFoundException e) > { >diff --git a/plugins/org.eclipse.mat.ui/src/org/eclipse/mat/ui/SnapshotHistoryService.java b/plugins/org.eclipse.mat.ui/src/org/eclipse/mat/ui/SnapshotHistoryService.java >index f753ae1..3e61cbc 100644 >--- a/plugins/org.eclipse.mat.ui/src/org/eclipse/mat/ui/SnapshotHistoryService.java >+++ b/plugins/org.eclipse.mat.ui/src/org/eclipse/mat/ui/SnapshotHistoryService.java >@@ -14,8 +14,10 @@ > import java.io.FileInputStream; > import java.io.FileOutputStream; > import java.io.IOException; >+import java.io.InvalidClassException; > import java.io.ObjectInputStream; > import java.io.ObjectOutputStream; >+import java.io.ObjectStreamClass; > import java.io.Serializable; > import java.util.ArrayList; > import java.util.Iterator; >@@ -197,7 +199,47 @@ > > list = new LinkedList<Entry>(); > >- ObjectInputStream oin = new ObjectInputStream(new FileInputStream(file)); >+ /* >+ * org.eclipse.mat.ui.SnapshotHistoryService$Entry >+ * java.lang.Long >+ * java.lang.Number >+ * org.eclipse.mat.snapshot.SnapshotInfo >+ * java.util.Date >+ * java.util.HashMap >+ * java.lang.Boolean >+ */ >+ ObjectInputStream oin = new ObjectInputStream(new FileInputStream(file)) { >+ @Override >+ protected Class<?> resolveClass(ObjectStreamClass desc) throws IOException, ClassNotFoundException { >+ // similar to system property jdk.serialFilter >+ String match="java.lang.*;java.util.*;org.eclipse.mat.snapshot.SnapshotInfo;org.eclipse.mat.ui.SnapshotHistoryService$Entry;!*"; //$NON-NLS-1$ >+ String nm = desc.getName(); >+ if (!nm.startsWith("[")) //$NON-NLS-1$ >+ { >+ for (String pt : match.split(";")) //$NON-NLS-1$ >+ { >+ boolean not = pt.startsWith("!"); //$NON-NLS-1$ >+ if (not) >+ pt = pt.substring(1); >+ boolean m; >+ if (pt.endsWith(".**")) //$NON-NLS-1$ >+ m = nm.startsWith(pt.substring(0, pt.length() - 2)); >+ else if (pt.endsWith(".*")) //$NON-NLS-1$ >+ m = nm.startsWith(pt.substring(0, pt.length() - 1)) >+ && !nm.substring(pt.length() - 1).contains("."); //$NON-NLS-1$ >+ else if (pt.endsWith("*")) //$NON-NLS-1$ >+ m = nm.startsWith(pt.substring(0, pt.length() - 1)); >+ else >+ m = nm.equals(pt); >+ if (not && m) >+ throw new InvalidClassException(nm, match); >+ if (m) >+ break; >+ } >+ } >+ return super.resolveClass(desc); >+ } >+ }; > try > { > int size = oin.readInt(); >diff --git a/plugins/org.eclipse.mat.ui/src/org/eclipse/mat/ui/internal/browser/QueryHistory.java b/plugins/org.eclipse.mat.ui/src/org/eclipse/mat/ui/internal/browser/QueryHistory.java >index 4864eb0..786c1c5 100644 >--- a/plugins/org.eclipse.mat.ui/src/org/eclipse/mat/ui/internal/browser/QueryHistory.java >+++ b/plugins/org.eclipse.mat.ui/src/org/eclipse/mat/ui/internal/browser/QueryHistory.java >@@ -14,8 +14,10 @@ > import java.io.FileInputStream; > import java.io.FileOutputStream; > import java.io.IOException; >+import java.io.InvalidClassException; > import java.io.ObjectInputStream; > import java.io.ObjectOutputStream; >+import java.io.ObjectStreamClass; > import java.util.ArrayList; > import java.util.Iterator; > import java.util.LinkedList; >@@ -72,7 +74,47 @@ > { > try > { >- ObjectInputStream oin = new ObjectInputStream(new FileInputStream(file)); >+ /** >+ * org.eclipse.mat.ui.SnapshotHistoryService$Entry >+ * java.lang.Long >+ * java.lang.Number >+ * org.eclipse.mat.snapshot.SnapshotInfo >+ * java.util.Date >+ * java.util.HashMap >+ * java.lang.Boolean >+ */ >+ ObjectInputStream oin = new ObjectInputStream(new FileInputStream(file)) { >+ @Override >+ protected Class<?> resolveClass(ObjectStreamClass desc) throws IOException, ClassNotFoundException { >+ // similar to system property jdk.serialFilter >+ String match="java.lang.*;java.util.*;org.eclipse.mat.snapshot.*;org.eclipse.mat.ui.SnapshotHistoryService$Entry;!*"; //$NON-NLS-1$ >+ String nm = desc.getName(); >+ if (!nm.startsWith("[")) //$NON-NLS-1$ >+ { >+ for (String pt : match.split(";")) //$NON-NLS-1$ >+ { >+ boolean not = pt.startsWith("!"); //$NON-NLS-1$ >+ if (not) >+ pt = pt.substring(1); >+ boolean m; >+ if (pt.endsWith(".**")) //$NON-NLS-1$ >+ m = nm.startsWith(pt.substring(0, pt.length() - 2)); >+ else if (pt.endsWith(".*")) //$NON-NLS-1$ >+ m = nm.startsWith(pt.substring(0, pt.length() - 1)) >+ && !nm.substring(pt.length() - 1).contains("."); //$NON-NLS-1$ >+ else if (pt.endsWith("*")) //$NON-NLS-1$ >+ m = nm.startsWith(pt.substring(0, pt.length() - 1)); >+ else >+ m = nm.equals(pt); >+ if (not && m) >+ throw new InvalidClassException(nm, match); >+ if (m) >+ break; >+ } >+ } >+ return super.resolveClass(desc); >+ } >+ }; > try > { > history = (LinkedList<String>) oin.readObject();
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=281337">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 558633
: 281337
