Class SecurityUtils

java.lang.Object
com.thoughtworks.xstream.core.SecurityUtils

public class SecurityUtils extends Object
Utility functions for security issues.
Since:
1.4.19
  • Constructor Details

    • SecurityUtils

      public SecurityUtils()
  • Method Details

    • checkForCollectionDoSAttack

      public static void checkForCollectionDoSAttack(UnmarshallingContext context, long start)
      Check the consumed time adding elements to collections or maps. Every custom converter should call this method after an unmarshalled element has been added to a collection or map. In case of an attack the operation will take too long, because the calculation of the hash code or the comparison of the elements in the collection operate on recursive structures.
      Parameters:
      context - the unmarshalling context
      start - the timestamp just before the element was added to the collection or map
      Since:
      1.4.19