Package com.thoughtworks.xstream.core
Class SecurityUtils
java.lang.Object
com.thoughtworks.xstream.core.SecurityUtils
Utility functions for security issues.
- Since:
- 1.4.19
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic void
checkForCollectionDoSAttack
(UnmarshallingContext context, long start) Check the consumed time adding elements to collections or maps.
-
Constructor Details
-
SecurityUtils
public SecurityUtils()
-
-
Method Details
-
checkForCollectionDoSAttack
Check the consumed time adding elements to collections or maps. Every custom converter should call this method after an unmarshalled element has been added to a collection or map. In case of an attack the operation will take too long, because the calculation of the hash code or the comparison of the elements in the collection operate on recursive structures.- Parameters:
context
- the unmarshalling contextstart
- the timestamp just before the element was added to the collection or map- Since:
- 1.4.19
-