You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Joost van Crugten (Jira)" <ji...@apache.org> on 2021/01/07 08:43:00 UTC

[jira] [Updated] (AMQ-8117) VirtualSelectorCacheBrokerPlugin throws false positive exception

     [ https://issues.apache.org/jira/browse/AMQ-8117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joost van Crugten updated AMQ-8117:
-----------------------------------
    Description: 
Dear,

The VirtualSelectorCacheBrokerPlugin throws an error in the following method:
{code:java}
if (!(desc.getName().equals("java.lang.String") || desc.getName().startsWith("java.util."))) {
 throw new InvalidClassException("Unauthorized deserialization attempt", desc.getName());
 }
{code}
This exception is thrown because there are some lines in the selector cache file that do not match the given "startsWith("java.util.")". The code will throw an exception because of the "[L" prefix in front of some java.util. elements in the file:

!image-2021-01-07-09-36-50-044.png!

My activemq.xml and file.data are attached to this ticket.

The selector cache is working fine if I use ActiveMQ version 5.15.11 or below.

I have tried to add jdk.serialFilters for the Concurrent Hashmap, like:

wrapper.java.additional.13=-Djdk.serialFilter=java.util.** (wrapper.conf) and also tried to add this to the java security file, but that did not work.

I hope this issue can be fixed or if it is not a bug, the documentation can be complemented with some notes on how to configure this filters the right way.

Best regards,

Joost

  was:
Dear,

The VirtualSelectorCacheBrokerPlugin throws an error in the following method:

 
{code:java}
if (!(desc.getName().equals("java.lang.String") || desc.getName().startsWith("java.util."))) {
 throw new InvalidClassException("Unauthorized deserialization attempt", desc.getName());
 }
{code}
This exception is thrown because there are some lines in the selector cache file that do not match the given "startsWith("java.util.")". The code will throw an exception because of the "[L" prefix in front of some java.util. elements in the file:

!image-2021-01-07-09-36-50-044.png!

My activemq.xml and file.data are attached to this ticket.

The selector cache is working fine if I use ActiveMQ version 5.15.11 or below.

I have tried to add jdk.serialFilters for the Concurrent Hashmap, like:

wrapper.java.additional.13=-Djdk.serialFilter=java.util.** (wrapper.conf) and also tried to add this to the java security file, but that did not work.

I hope this issue can be fixed or if it is not a bug, the documentation can be complemented with some notes on how to configure this filters the right way.

Best regards,

Joost


> VirtualSelectorCacheBrokerPlugin throws false positive exception
> ----------------------------------------------------------------
>
>                 Key: AMQ-8117
>                 URL: https://issues.apache.org/jira/browse/AMQ-8117
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 5.16.0, 5.15.12, 5.15.13, 5.15.14
>            Reporter: Joost van Crugten
>            Priority: Minor
>         Attachments: activemq.xml, file.data, image-2021-01-07-09-36-50-044.png
>
>
> Dear,
> The VirtualSelectorCacheBrokerPlugin throws an error in the following method:
> {code:java}
> if (!(desc.getName().equals("java.lang.String") || desc.getName().startsWith("java.util."))) {
>  throw new InvalidClassException("Unauthorized deserialization attempt", desc.getName());
>  }
> {code}
> This exception is thrown because there are some lines in the selector cache file that do not match the given "startsWith("java.util.")". The code will throw an exception because of the "[L" prefix in front of some java.util. elements in the file:
> !image-2021-01-07-09-36-50-044.png!
> My activemq.xml and file.data are attached to this ticket.
> The selector cache is working fine if I use ActiveMQ version 5.15.11 or below.
> I have tried to add jdk.serialFilters for the Concurrent Hashmap, like:
> wrapper.java.additional.13=-Djdk.serialFilter=java.util.** (wrapper.conf) and also tried to add this to the java security file, but that did not work.
> I hope this issue can be fixed or if it is not a bug, the documentation can be complemented with some notes on how to configure this filters the right way.
> Best regards,
> Joost



--
This message was sent by Atlassian Jira
(v8.3.4#803005)