Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8185539

Relax RMI Registry Serial Filter to allow arrays of any type

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Approved
    • Icon: P3 P3
    • 10
    • core-libs
    • None
    • behavioral
    • low
    • The compatibility risk is low since it is relaxing a previous limitation.
    • System or security property
    • JDK

      Summary

      The RMI Registry filter is relaxed to allow binding arrays of any type.

      Problem

      The built-in filter applied to the RMI Registry remote methods checks the argument types against a known list of allowed types. For arrays it checks that the component type is one of the allowed types.
      However, RMI and Serialization considers all arrays to be serializable and it is common for the component type of the array to be a serializable array to be a non-serializable type such as java.lang.Object. The constraint on the component type is unnecessary and should be removed.
      Developers also considered the build-in limit on the maximum array size to be too small (10000).

      The workaround is to override of the built-in filter using the system property sun.rmi.registry.registryFilter to allow java.lang.Object or the component type as needed. The property can be defined on the command line or in the conf/security/java.security configuration file. .

      Solution

      The RMI Registry built-in serial filter is modified to check only the array size and not the component type. Array sizes greater than the maxarray limit will be rejected and otherwise will be allowed. The description of the sun.rmi.registry.registryFilter property will be updated in the conf/security/java.security configuration to better describe the default behavior and how to override. Both the system property sun.rmi.registry.registryFilter and the corresponding java.security property use the same syntax and behavior.

      The maximum array size is increased to 1,000,000. The override filter can be used to decrease the limit but can not raise it so a higher default value provides greater flexibility.

      Specification

      The description of the system property and the java.security property is updated:

      diff  conf/security/java.security 
--- 949,979 ----
  #
  # RMI Registry Serial Filter
  #
  # The filter pattern uses the same format as jdk.serialFilter.
  # This filter can override the builtin filter if additional types need to be
! # allowed or rejected from the RMI Registry or to decrease limits but not
! # to increase limits.
! # If the limits (maxdepth, maxrefs, or maxbytes) are exceeded, the object is rejected.
! #
! # Each non-array type is allowed or rejected if it matches one of the patterns,
! # evaluated from left to right, and is otherwise allowed. Arrays of any
! # component type, including subarrays and arrays of primitives, are allowed.
! #
! # Array construction of any component type, including subarrays and arrays of
! # primitives, are allowed unless the length is greater than the maxarray limit.
! # The filter is applied to each array element.
  #
  # Note: This property is currently used by the JDK Reference implementation.
  # It is not guaranteed to be examined and used by other implementations.
  #
! # The built-in filter allows subclasses of allowed classes and
! # can approximately be represented as the pattern:
! #
! #sun.rmi.registry.registryFilter=\
! #    maxarray=1000000;\
! #    maxdepth=20;\
! #    java.lang.String;\
! #    java.lang.Number;\
! #    java.lang.reflect.Proxy;\
! #    java.rmi.Remote;\
! #    sun.rmi.server.UnicastRef;\
! #    sun.rmi.server.RMIClientSocketFactory;\
! #    sun.rmi.server.RMIServerSocketFactory;\
! #    java.rmi.activation.ActivationID;\
! #    java.rmi.server.UID

            rriggs Roger Riggs
            rriggs Roger Riggs
            Sean Coffey
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: