geode-commits mailing list archives

From bschucha...@apache.org
Subject [geode] branch whitelist_wip updated: work-in-progress branch for whitelisting classes that can be deserialized
Date Wed, 08 Nov 2017 22:50:33 GMT
This is an automated email from the ASF dual-hosted git repository.

bschuchardt pushed a commit to branch whitelist_wip
in repository https://gitbox.apache.org/repos/asf/geode.git


The following commit(s) were added to refs/heads/whitelist_wip by this push:
     new 9f0296a  work-in-progress branch for whitelisting classes that can be deserialized
9f0296a is described below

commit 9f0296a576f520dff1e507d967eec590a2920986
Author: Bruce Schuchardt <bschuchardt@pivotal.io>
AuthorDate: Wed Nov 8 14:49:09 2017 -0800

    work-in-progress branch for whitelisting classes that can be deserialized
    
    Tests are now passing though openBugs.txt has a number of problem classes
    listed that should probably be moved to a different list associated with
    sanctionedClassesExistAndDoDeserialize.
---
 .../java/org/apache/geode/admin/GemFireHealth.java |   2 +-
 .../geode/internal/InternalDataSerializer.java     |   7 +-
 .../apache/geode/internal/cache/BucketAdvisor.java |   3 +-
 .../geode/internal/jta/TransactionManagerImpl.java |   2 +-
 .../geode/internal/sanctionedSerializables.txt     |  26 +--
 .../AnalyzeSerializablesJUnitTest.java             | 243 ++++++++++++++-------
 .../InternalDataSerializerWhitelistTest.java       |  68 ------
 .../apache/geode/codeAnalysis/excludedClasses.txt  |  23 +-
 .../org/apache/geode/codeAnalysis/openBugs.txt     |  91 +++++++-
 9 files changed, 290 insertions(+), 175 deletions(-)

diff --git a/geode-core/src/main/java/org/apache/geode/admin/GemFireHealth.java b/geode-core/src/main/java/org/apache/geode/admin/GemFireHealth.java
index bb8590a..1db839e 100644
--- a/geode-core/src/main/java/org/apache/geode/admin/GemFireHealth.java
+++ b/geode-core/src/main/java/org/apache/geode/admin/GemFireHealth.java
@@ -167,7 +167,7 @@ public interface GemFireHealth {
     //////////////////// Instance Fields ////////////////////
 
     /** The string for this health */
-    private String healthString;
+    private String healthString = OKAY_STRING;
 
     ///////////////////// Constructors //////////////////////
 
diff --git a/geode-core/src/main/java/org/apache/geode/internal/InternalDataSerializer.java
b/geode-core/src/main/java/org/apache/geode/internal/InternalDataSerializer.java
index 1836183..c9352a2 100644
--- a/geode-core/src/main/java/org/apache/geode/internal/InternalDataSerializer.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/InternalDataSerializer.java
@@ -244,10 +244,13 @@ public abstract class InternalDataSerializer extends DataSerializer
implements D
       }
 
       String className = filterInfo.serialClass().getName();
+      if (filterInfo.serialClass().isArray()) {
+        className = filterInfo.serialClass().getComponentType().getName();
+      }
       logger.debug("checking whether {} can be deserialized", className);
       if (sanctionedClasses.contains(className)) {
-//        return ObjectInputFilter.Status.ALLOWED;
-        return ObjectInputFilter.Status.UNDECIDED;
+        return ObjectInputFilter.Status.ALLOWED;
+//        return ObjectInputFilter.Status.UNDECIDED;
       } else {
         ObjectInputFilter.Status status = userFilter.checkInput(filterInfo);
         return status;
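Review bot: Returning `ObjectInputFilter.Status.ALLOWED` for an array whose component type is sanctioned means `userFilter.checkInput(filterInfo)` is never consulted for that array, so any array-length limit configured in the user filter does not apply to it. Consider returning ALLOWED only when `filterInfo.arrayLength()` is negative and delegating to `userFilter` for array checks. `getComponentType()` also unwraps only one dimension, so a multi-dimensional array of a sanctioned class is looked up under its `[L...;` name and will presumably miss the list; `Class<?> c = filterInfo.serialClass(); while (c.isArray()) c = c.getComponentType();` handles every depth. The commented-out `return ObjectInputFilter.Status.UNDECIDED;` line should be deleted rather than kept. The enclosing method starts and ends outside this hunk, so whether `serialClass()` is null-checked earlier is not visible here.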
diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/BucketAdvisor.java b/geode-core/src/main/java/org/apache/geode/internal/cache/BucketAdvisor.java
index e8fabb7..d5ff7cb 100755
--- a/geode-core/src/main/java/org/apache/geode/internal/cache/BucketAdvisor.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/cache/BucketAdvisor.java
@@ -21,6 +21,7 @@ import java.io.ObjectInputStream;
 import java.io.Serializable;
 import java.util.AbstractSet;
 import java.util.Collection;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -658,7 +659,7 @@ public class BucketAdvisor extends CacheDistributionAdvisor {
     @SuppressWarnings("unchecked")
     private void readObject(ObjectInputStream stream) throws IOException, ClassNotFoundException
{
       stream.defaultReadObject();
-      backingSet = m.keySet();
+      backingSet = m==null? Collections.<E>emptySet() : m.keySet();
     }
   }
 
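Review bot: A stream in which `m` is null now yields an object whose `backingSet` is an immutable empty set while `m` itself stays null, so any method of the class (apparently `BucketAdvisor$SetFromMap`) that dereferences `m` would presumably still fail later with a NullPointerException; the rest of the class is outside this hunk. readObject is the place to enforce the invariant, so rejecting the stream is safer than tolerating it: `if (m == null) throw new InvalidObjectException("SetFromMap.m is null");` before `backingSet = m.keySet();`, with `java.io.InvalidObjectException` imported. If the null case only arises because the test instantiates the class without running its constructor, the test should build a valid instance instead of the production code accepting an invalid one.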
diff --git a/geode-core/src/main/java/org/apache/geode/internal/jta/TransactionManagerImpl.java
b/geode-core/src/main/java/org/apache/geode/internal/jta/TransactionManagerImpl.java
index b7a60b8..e06eec6 100644
--- a/geode-core/src/main/java/org/apache/geode/internal/jta/TransactionManagerImpl.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/jta/TransactionManagerImpl.java
@@ -895,7 +895,7 @@ public class TransactionManagerImpl implements TransactionManager, Serializable
     }
   }
 
-  static class GlobalTransactionComparator implements Comparator {
+  static class GlobalTransactionComparator implements Comparator, Serializable {
 
     /**
      * Sort the array in ascending order of expiration times
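Review bot: `GlobalTransactionComparator` becomes `Serializable` without declaring a `serialVersionUID`, and the new sanctionedSerializables.txt entry for it appears to record that with `false`, so its stream identity is the compiler-dependent default. Adding `private static final long serialVersionUID = 1L;` and updating the sanctioned entry keeps the class compatible across builds. The raw `Comparator` type predates this change but is worth parameterizing while the declaration is being touched. The class body continues past the end of this hunk.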
diff --git a/geode-core/src/main/resources/org/apache/geode/internal/sanctionedSerializables.txt
b/geode-core/src/main/resources/org/apache/geode/internal/sanctionedSerializables.txt
index 1c74e11..403929e 100755
--- a/geode-core/src/main/resources/org/apache/geode/internal/sanctionedSerializables.txt
+++ b/geode-core/src/main/resources/org/apache/geode/internal/sanctionedSerializables.txt
@@ -1,7 +1,7 @@
 org/apache/geode/CancelException,true,3215578659523282642
 org/apache/geode/CopyException,true,-1143711608610323585
 org/apache/geode/DeltaSerializationException,true,-2630435945840206466
-org/apache/geode/GemFireCacheException,true,-2844020916351682908
+org/apache/geode/ForcedDisconnectException,true,4977003259880566257
 org/apache/geode/GemFireCheckedException,true,-8659184576090173188
 org/apache/geode/GemFireConfigException,true,7791789785331120991
 org/apache/geode/GemFireException,true,-6972360779789402295
@@ -24,7 +24,6 @@ org/apache/geode/UnmodifiableException,true,-1043243260052395455
 org/apache/geode/UnstartedSystemException,true,-4285897556527521788
 org/apache/geode/admin/AdminException,true,879398950879472021
 org/apache/geode/admin/AdminXmlException,true,-6848726449157550169
-org/apache/geode/admin/AlertLevel,true,-4752438966587392126,ordinal:int
 org/apache/geode/admin/CacheDoesNotExistException,true,-1639933911265729978
 org/apache/geode/admin/GemFireHealth$Health,true,3039539430412151801,healthString:java/lang/String
 org/apache/geode/admin/GemFireMemberStatus,true,3389997790525991310,_bindAddress:java/lang/String,_clientHealthStats:java/util/Map,_clientHostNames:java/util/Map,_clientQueueSizes:java/util/Map,_connectedClients:java/util/Set,_connectedIncomingGateways:java/util/Map,_connectedPeers:java/util/Set,_connectedServers:java/util/Set,_freeHeapSize:long,_gatewayHubStatus:java/lang/Object,_gatewayQueueSizes:java/util/Map,_hostAddress:java/net/InetAddress,_isClient:boolean,_isConnected:boolean,_is
[...]
@@ -216,12 +215,10 @@ org/apache/geode/distributed/internal/DistributionConfigSnapshot,true,7445728132
 org/apache/geode/distributed/internal/DistributionException,true,9039055444056269504
 org/apache/geode/distributed/internal/FlowControlParams,true,7322447678546893647,byteAllowance:int,rechargeBlockMs:int,rechargeThreshold:float
 org/apache/geode/distributed/internal/HighPriorityAckedMessage$operationType,false
-org/apache/geode/distributed/internal/OverflowQueueWithDMStats,true,-1846248853494394996,stats:org/apache/geode/distributed/internal/QueueStatHelper
 org/apache/geode/distributed/internal/ReliableReplyException,true,472566058783450438
 org/apache/geode/distributed/internal/ReplyException,true,-4410839793809166071
 org/apache/geode/distributed/internal/ResourceEvent,false
 org/apache/geode/distributed/internal/RuntimeDistributionConfigImpl,true,-805637520096606113
-org/apache/geode/distributed/internal/ThrottlingMemLinkedQueueWithDMStats,true,5425180246954573433,maxMemSize:int,maxSize:int,memSize:int,startThrottleMemSize:int,startThrottleSize:int
 org/apache/geode/distributed/internal/deadlock/DLockDependencyMonitor$LockId,false,serviceName:java/lang/String,tokenName:java/io/Serializable
 org/apache/geode/distributed/internal/deadlock/Dependency,true,1,depender:java/lang/Object,dependsOn:java/lang/Object
 org/apache/geode/distributed/internal/deadlock/DependencyGraph,true,-6794339771271587648,edges:java/util/Set,vertices:java/util/Map
@@ -234,22 +231,16 @@ org/apache/geode/distributed/internal/locks/DistributedMemberLock$LockReentryPol
 org/apache/geode/distributed/internal/locks/LockGrantorDestroyedException,true,-3540124531032570817
 org/apache/geode/distributed/internal/membership/gms/membership/GMSJoinLeave$ViewAbandonedException,false
 org/apache/geode/distributed/internal/membership/gms/messages/InstallViewMessage$messageType,false
-org/apache/geode/distributed/internal/membership/gms/messenger/JGAddress,true,-1818672332115113291,ip_addr:java/net/InetAddress,port:int,vmViewId:int
-org/apache/geode/distributed/internal/membership/gms/mgr/GMSMembershipManager$BoundedLinkedHashMap,true,-3419897166186852692
-org/apache/geode/internal/AbstractConfig$SortedProperties,true,7156507110684631135
 org/apache/geode/internal/ConfigSource,true,-4097017272431018553,description:java/lang/String,type:org/apache/geode/internal/ConfigSource$Type
 org/apache/geode/internal/ConfigSource$Type,false
 org/apache/geode/internal/CopyOnWriteHashSet,true,8591978652141659932
 org/apache/geode/internal/DSFIDNotFoundException,true,130596009484324655,dsfid:int,versionOrdinal:short
 org/apache/geode/internal/InternalDataSerializer$SERIALIZATION_VERSION,false
 org/apache/geode/internal/InternalStatisticsDisabledException,true,4146181546364258311
-org/apache/geode/internal/ObjIdConcurrentMap,true,7249069246763182397,segmentMask:int,segmentShift:int,segments:org/apache/geode/internal/ObjIdConcurrentMap$Segment[]
-org/apache/geode/internal/ObjIdConcurrentMap$Segment,true,2249069246763182397,loadFactor:float
 org/apache/geode/internal/SystemAdmin$CombinedResources,false
 org/apache/geode/internal/admin/CompoundEntrySnapshot,true,5776382582897895718,allUserAttributes:java/util/Set,allValues:java/util/Set,hitRatio:float,hitRatioSum:double,hitResponders:long,lastAccessTime:long,lastModifiedTime:long,name:java/lang/Object,numHits:long,numMisses:long
 org/apache/geode/internal/admin/CompoundRegionSnapshot,true,6295026394298398004,allCacheLoaders:java/util/Set,allCacheWriters:java/util/Set,allCapControllers:java/util/Set,allConcLevels:java/util/Set,allCustomIdle:java/util/HashSet,allCustomTtl:java/util/HashSet,allDataPolicies:java/util/Set,allEntryIdleTimeout:java/util/Set,allEntryTtl:java/util/Set,allInitialCaps:java/util/Set,allKeyConstraints:java/util/Set,allListeners:java/util/Set,allLoadFactors:java/util/Set,allRegionIdleTimeout:j
[...]
 org/apache/geode/internal/admin/StatAlert,true,5725457607122449170,definitionId:int,time:java/util/Date,values:java/lang/Number[]
-org/apache/geode/internal/admin/remote/EntryValueNodeImpl,false,fields:org/apache/geode/internal/admin/remote/EntryValueNodeImpl[],name:java/lang/String,primitive:boolean,primitiveVal:java/lang/Object,type:java/lang/String
 org/apache/geode/internal/cache/BucketAdvisor$SetFromMap,true,2454657854757543876,m:java/util/Map
 org/apache/geode/internal/cache/BucketNotFoundException,true,2898657229184289911
 org/apache/geode/internal/cache/BucketRegion$SizeOp,false
@@ -351,8 +342,6 @@ org/apache/geode/internal/cache/wan/GatewaySenderConfigurationException,true,1
 org/apache/geode/internal/cache/wan/GatewaySenderException,true,8090143153569084886
 org/apache/geode/internal/cache/wan/parallel/BucketRegionQueueUnavailableException,true,-1860388334938028312
 org/apache/geode/internal/cache/xmlcache/CacheXmlVersion,false,namespace:java/lang/String,publicId:java/lang/String,schemaLocation:java/lang/String,systemId:java/lang/String,version:java/lang/String
-org/apache/geode/internal/cache/xmlcache/DiskStoreAttributesCreation,false
-org/apache/geode/internal/cache/xmlcache/RegionAttributesCreation,true,2241078661206355376,asyncEventQueueIds:java/util/Set,cacheListeners:java/util/ArrayList,cacheLoader:org/apache/geode/cache/CacheLoader,cacheWriter:org/apache/geode/cache/CacheWriter,cloningEnabled:boolean,compressor:org/apache/geode/compression/Compressor,concurrencyChecksEnabled:boolean,concurrencyLevel:int,customEntryIdleTimeout:org/apache/geode/cache/CustomExpiry,customEntryTimeToLive:org/apache/geode/cache/CustomE
[...]
 org/apache/geode/internal/concurrent/AtomicLong5,true,-1915700199064062938
 org/apache/geode/internal/concurrent/CompactConcurrentHashSet2,true,7249069246763182397
 org/apache/geode/internal/concurrent/CompactConcurrentHashSet2$Segment,true,2249069246763182397,loadFactor:float
@@ -374,15 +363,6 @@ org/apache/geode/internal/datasource/ManagedPoolCacheImpl,true,10646422717363997
 org/apache/geode/internal/datasource/PoolException,true,-6178632158204356727
 org/apache/geode/internal/datasource/TranxPoolCacheImpl,true,3295652525163658888,m_xads:javax/sql/XADataSource
 org/apache/geode/internal/hll/CardinalityMergeException,false
-org/apache/geode/internal/hll/HyperLogLog,true,-4661220245111112301,alphaMM:double,log2m:int,registerSet:org/apache/geode/internal/hll/RegisterSet
-org/apache/geode/internal/hll/HyperLogLog$Builder,true,-979314356097156719,rsd:double
-org/apache/geode/internal/hll/HyperLogLog$HyperLogLogMergeException,false
-org/apache/geode/internal/hll/HyperLogLog$SerializationHolder,false,hyperLogLogHolder:org/apache/geode/internal/hll/HyperLogLog
-org/apache/geode/internal/hll/HyperLogLogPlus,true,7504952025744337762,alphaMM:double,format:org/apache/geode/internal/hll/HyperLogLogPlus$Format,m:int,p:int,registerSet:org/apache/geode/internal/hll/RegisterSet,sm:int,sortThreshold:int,sp:int,sparseSet:int[],sparseSetThreshold:int,tmpIndex:int,tmpSet:int[]
-org/apache/geode/internal/hll/HyperLogLogPlus$Builder,true,-1608419770500158843,p:int,sp:int
-org/apache/geode/internal/hll/HyperLogLogPlus$Format,false
-org/apache/geode/internal/hll/HyperLogLogPlus$HyperLogLogPlusMergeException,false
-org/apache/geode/internal/hll/HyperLogLogPlus$SerializationHolder,false,hyperLogLogHolder:org/apache/geode/internal/hll/HyperLogLogPlus
 org/apache/geode/internal/jta/TransactionManagerImpl,true,5033392316185449821,globalTransactionMap:java/util/Map,gtxSet:java/util/SortedSet,isActive:boolean,transactionMap:java/util/Map
 org/apache/geode/internal/jta/UserTransactionImpl,true,2994652455204901910,storedTimeOut:int,tm:javax/transaction/TransactionManager
 org/apache/geode/internal/memcached/Command,false
@@ -464,7 +444,6 @@ org/apache/geode/internal/tcp/ConnectionException,true,-1977443644277412122
 org/apache/geode/internal/tcp/ImmutableByteBufferInputStream,false
 org/apache/geode/internal/tcp/MemberShunnedException,true,-8453126202477831557,member:org/apache/geode/distributed/DistributedMember
 org/apache/geode/internal/tcp/ReenteredConnectException,true,2878977454669428469
-org/apache/geode/internal/tcp/VersionedByteBufferInputStream,false,version:org/apache/geode/internal/Version
 org/apache/geode/internal/util/Breadcrumbs$CrumbType,false
 org/apache/geode/internal/util/SingletonValue$ValueState,false
 org/apache/geode/internal/util/SunAPINotFoundException,true,75895915344106684
@@ -817,3 +796,6 @@ org/apache/geode/security/AuthenticationFailedException,true,-820286647227908887
 org/apache/geode/security/AuthenticationRequiredException,true,4675976651103154919
 org/apache/geode/security/GemFireSecurityException,true,3814254578203076926,cause:java/lang/Throwable
 org/apache/geode/security/NotAuthorizedException,true,419215768216387745,principal:java/security/Principal
+org/apache/geode/internal/admin/remote/EntryValueNodeImpl,false,fields:org/apache/geode/internal/admin/remote/EntryValueNodeImpl[],name:java/lang/String,primitive:boolean,primitiveVal:java/lang/Object,type:java/lang/String
+org/apache/geode/internal/jta/TransactionManagerImpl$GlobalTransactionComparator,false
+org/apache/geode/management/internal/cli/domain/DataCommandRequest,false,command:java/lang/String,key:java/lang/String,keyClass:java/lang/String,loadOnCacheMiss:boolean,principal:java/lang/Object,putIfAbsent:boolean,query:java/lang/String,recursive:boolean,regionName:java/lang/String,removeAllKeys:java/lang/String,value:java/lang/String,valueClass:java/lang/String
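Review bot: The three entries appended here break the alphabetical order the rest of the list follows, and `EntryValueNodeImpl` is removed from its sorted position earlier in this diff only to be re-added here unchanged. This file is the allowlist the deserialization filter consults, so keeping it sorted lets later additions and removals be audited in a plain diff. Move each new line to its sorted position and keep `EntryValueNodeImpl` where it was.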
diff --git a/geode-core/src/test/java/org/apache/geode/codeAnalysis/AnalyzeSerializablesJUnitTest.java
b/geode-core/src/test/java/org/apache/geode/codeAnalysis/AnalyzeSerializablesJUnitTest.java
index 96701d0..14d15ef 100644
--- a/geode-core/src/test/java/org/apache/geode/codeAnalysis/AnalyzeSerializablesJUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/codeAnalysis/AnalyzeSerializablesJUnitTest.java
@@ -26,44 +26,51 @@ import static org.apache.geode.internal.lang.SystemUtils.isJavaVersionAtLeast;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.fail;
 import static org.hamcrest.core.Is.is;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assume.assumeThat;
 
-import org.apache.geode.DataSerializer;
-import org.apache.geode.codeAnalysis.decode.CompiledClass;
-import org.apache.geode.codeAnalysis.decode.CompiledField;
-import org.apache.geode.codeAnalysis.decode.CompiledMethod;
-import org.apache.geode.distributed.internal.DistributedSystemService;
-import org.apache.geode.distributed.internal.DistributionConfig;
-import org.apache.geode.distributed.internal.DistributionConfigImpl;
-import org.apache.geode.internal.HeapDataOutputStream;
-import org.apache.geode.internal.InternalDataSerializer;
-import org.apache.geode.internal.Version;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.junit.Before;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-import org.junit.rules.TestName;
-
 import java.io.BufferedReader;
 import java.io.ByteArrayInputStream;
 import java.io.DataInputStream;
+import java.io.Externalizable;
 import java.io.File;
 import java.io.FileReader;
 import java.io.IOException;
 import java.io.InvalidClassException;
 import java.io.Serializable;
-import java.time.Instant;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Modifier;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 import java.util.Properties;
+import java.util.Set;
 
-import java.lang.reflect.Modifier;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.rules.TestName;
+import sun.reflect.ReflectionFactory;
+
+import org.apache.geode.CancelException;
+import org.apache.geode.DataSerializer;
+import org.apache.geode.ForcedDisconnectException;
+import org.apache.geode.codeAnalysis.decode.CompiledClass;
+import org.apache.geode.codeAnalysis.decode.CompiledField;
+import org.apache.geode.codeAnalysis.decode.CompiledMethod;
+import org.apache.geode.distributed.internal.DistributedSystemService;
+import org.apache.geode.distributed.internal.DistributionConfig;
+import org.apache.geode.distributed.internal.DistributionConfigImpl;
+import org.apache.geode.internal.HeapDataOutputStream;
+import org.apache.geode.internal.InternalDataSerializer;
+import org.apache.geode.internal.Version;
+import org.apache.geode.test.junit.categories.IntegrationTest;
 
 @Category(IntegrationTest.class)
 public class AnalyzeSerializablesJUnitTest {
@@ -77,6 +84,7 @@ public class AnalyzeSerializablesJUnitTest {
   public static final String EXCLUDED_CLASSES_TXT = "excludedClasses.txt";
   public static final String ACTUAL_DATA_SERIALIZABLES_DAT = "actualDataSerializables.dat";
   public static final String ACTUAL_SERIALIZABLES_DAT = "actualSerializables.dat";
+  public static final String OPEN_BUGS_TXT = "openBugs.txt";
 
   /** all loaded classes */
   private Map<String, CompiledClass> classes;
@@ -93,25 +101,16 @@ public class AnalyzeSerializablesJUnitTest {
   @Rule
   public TestName testName = new TestName();
 
-  public void setUp() throws Exception {
-    assumeThat(
-        "AnalyzeSerializables requires Java 8 but tests are running with v" + getJavaVersion(),
-        isJavaVersionAtLeast("1.8"), is(true));
-
-    this.classes = new HashMap<>();
-
-    loadClasses();
-
-    // setup expectedDataSerializables
-
+  public void loadExpectedDataSerializables() throws Exception {
     this.expectedDataSerializablesFile = getResourceAsFile("sanctionedDataSerializables.txt");
     assertThat(this.expectedDataSerializablesFile).exists().canRead();
 
     this.expectedDataSerializables = loadClassesAndMethods(this.expectedDataSerializablesFile);
     Collections.sort(this.expectedDataSerializables);
 
-    // setup expectedSerializables
+  }
 
+  public void loadExpectedSerializables() throws Exception {
     this.expectedSerializablesFile = getResourceAsFile(InternalDataSerializer.class, "sanctionedSerializables.txt");
     assertThat(this.expectedSerializablesFile).exists().canRead();
 
@@ -119,6 +118,19 @@ public class AnalyzeSerializablesJUnitTest {
     Collections.sort(this.expectedSerializables);
   }
 
+  public void findClasses() throws Exception {
+    this.classes = new HashMap<>();
+
+    loadClasses();
+  }
+
+  @Before
+  public void setUp() throws Exception {
+    assumeThat(
+        "AnalyzeSerializables requires Java 8 but tests are running with v" + getJavaVersion(),
+        isJavaVersionAtLeast("1.8"), is(true));
+  }
+
   /**
    * Override only this one method in sub-classes
    */
@@ -129,7 +141,8 @@ public class AnalyzeSerializablesJUnitTest {
   @Test
   public void testDataSerializables() throws Exception {
     System.out.println(this.testName.getMethodName() + " starting");
-    setUp();
+    findClasses();
+    loadExpectedDataSerializables();
 
     this.actualDataSerializablesFile = createEmptyFile(ACTUAL_DATA_SERIALIZABLES_DAT);
     System.out.println(this.testName.getMethodName() + " actualDataSerializablesFile="
@@ -153,7 +166,8 @@ public class AnalyzeSerializablesJUnitTest {
   @Test
   public void testSerializables() throws Exception {
     System.out.println(this.testName.getMethodName() + " starting");
-    setUp();
+    findClasses();
+    loadExpectedSerializables();
 
     this.actualSerializablesFile = createEmptyFile(ACTUAL_SERIALIZABLES_DAT);
     System.out.println(this.testName.getMethodName() + " actualSerializablesFile="
@@ -175,7 +189,7 @@ public class AnalyzeSerializablesJUnitTest {
 
   @Test
   public void excludedClassesExistAndDoNotDeserialize() throws Exception {
-    List<String> excludedClasses = AnalyzeSerializablesJUnitTest.loadExcludedClasses();
+    List<String> excludedClasses = loadExcludedClasses(getResourceAsFile(EXCLUDED_CLASSES_TXT));
     DistributionConfig distributionConfig = new DistributionConfigImpl(new Properties());
     InternalDataSerializer.initialize(distributionConfig, new ArrayList<DistributedSystemService>());
 
@@ -206,16 +220,43 @@ public class AnalyzeSerializablesJUnitTest {
     }
   }
 
+
+  private void serializeAndDeserializeObject(Object object) throws Exception {
+    HeapDataOutputStream outputStream = new HeapDataOutputStream(Version.CURRENT);
+    try {
+      DataSerializer.writeObject(object, outputStream);
+    } catch (IOException e) {
+      // some classes, such as BackupLock, are Serializable because the extend something
+      // like ReentrantLock but we never serialize them & it doesn't work to try to do
so
+      System.out.println("Not Serializable: " + object.getClass().getName());
+    }
+    try {
+      Object
+          instance =
+          DataSerializer.readObject(
+              new DataInputStream(new ByteArrayInputStream(outputStream.toByteArray())));
+      fail("I was able to deserialize " + object.getClass().getName());
+    } catch (InvalidClassException e) {
+      // expected
+    }
+  }
+
   @Test
   public void sanctionedClassesExistAndDoDeserialize() throws Exception {
-    setUp();
+    loadExpectedSerializables();
+    Set<String> openBugs = new HashSet<>(loadOpenBugs(getResourceAsFile(OPEN_BUGS_TXT)));
+
 
     DistributionConfig distributionConfig = new DistributionConfigImpl(new Properties());
     InternalDataSerializer.initialize(distributionConfig, new ArrayList<DistributedSystemService>());
 
     for (ClassAndVariableDetails details : expectedSerializables) {
+      if (openBugs.contains(details.className)) {
+        System.out.println("Skipping " + details.className + " because it is in openBugs.txt");
+        continue;
+      }
       String className = details.className.replaceAll("/", ".");
-      System.out.println("testing class " + className);
+      System.out.println("testing class " + details.className);
 
       Class sanctionedClass = Class.forName(className);
       assertTrue(sanctionedClass.getName() + " is not Serializable and should be removed
from sanctionedSerializables.txt",
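Review bot: The relocated `serializeAndDeserializeObject` no longer returns from its `catch (IOException e)` block; the removed version printed the stack trace and returned. After a failed `DataSerializer.writeObject` the method now goes on to call `DataSerializer.readObject` on whatever partial bytes are in `outputStream`. The excluded-class check can then end on an exception unrelated to the filter rather than the expected `InvalidClassException`, so the test no longer shows that the filter rejected the class. Restore `return;` after the `System.out.println("Not Serializable: " ...)` line in that catch block. `sanctionedClassesExistAndDoDeserialize` continues past the end of this hunk.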
@@ -225,48 +266,104 @@ public class AnalyzeSerializablesJUnitTest {
         // we detect whether these are modified in another test, but cannot instantiate them.
         continue;
       }
+
+      if (sanctionedClass.getEnclosingClass() != null && sanctionedClass.getEnclosingClass().isEnum())
{
+        // inner enum class - enum constants are handled when we process their enclosing
class
+        continue;
+      }
+
       if (sanctionedClass.isEnum()) {
         // geode enums are special cased by DataSerializer and are never java-serialized
-        for (Object instance: sanctionedClass.getEnumConstants()) {
+        for (Object instance : sanctionedClass.getEnumConstants()) {
           serializeAndDeserializeSanctionedObject(instance);
         }
-      } else {
-        final Object sanctionedInstance;
-        try {
-          sanctionedInstance = sanctionedClass.newInstance();
-        } catch (InstantiationException e) {
-          throw new AssertionError("Unable to instantiate " + className + " - please move
it from sanctionedSerializables.txt to excludedClasses.txt", e);
-        }
-        if (sanctionedInstance instanceof Throwable) {
-          ((Throwable)sanctionedInstance).initCause(null);
-        }
+        continue;
+      }
+
+      Object sanctionedInstance = null;
+      if (!Serializable.class.isAssignableFrom(sanctionedClass)) {
+        throw new AssertionError(className + " is not serializable.  Remove it from sanctionedSerializables.txt");
+      }
+      try {
+        boolean isThrowable = Throwable.class.isAssignableFrom(sanctionedClass);
+
+        Constructor constructor = isThrowable ?
+            sanctionedClass.getDeclaredConstructor(String.class) :
+            sanctionedClass.getDeclaredConstructor(null);
+        constructor.setAccessible(true);
+        sanctionedInstance = isThrowable ?
+            constructor.newInstance("test throwable") :
+            constructor.newInstance();
         serializeAndDeserializeSanctionedObject(sanctionedInstance);
+        continue;
+      } catch (NoSuchMethodException | InstantiationException | IllegalAccessException e)
{
+        // fall through
+      }
+      try {
+        Class<?> superClass = sanctionedClass;
+        Constructor constructor = null;
+        if (Externalizable.class.isAssignableFrom(sanctionedClass)) {
+          Constructor<?> cons = sanctionedClass.getDeclaredConstructor(null);
+          cons.setAccessible(true);
+        } else {
+          while (Serializable.class.isAssignableFrom(superClass)) {
+            if ((superClass = superClass.getSuperclass()) == null) {
+              throw new AssertionError(className
+                  + " cannot be instantiated for serialization.  Remove it from sanctionedSerializables.txt");
+            }
+          }
+          constructor = superClass.getDeclaredConstructor((Class<?>[]) null);
+          constructor.setAccessible(true);
+          constructor =
+              ReflectionFactory.getReflectionFactory()
+                  .newConstructorForSerialization(sanctionedClass, constructor);
+        }
+        sanctionedInstance = constructor.newInstance();
+      } catch (Exception e2) {
+        throw new AssertionError("Unable to instantiate " + className
+            + " - please move it from sanctionedSerializables.txt to excludedClasses.txt",
e2);
       }
+      serializeAndDeserializeSanctionedObject(sanctionedInstance);
     }
   }
 
-  private void serializeAndDeserializeObject(Object object) throws Exception {
-    HeapDataOutputStream outputStream = new HeapDataOutputStream(Version.CURRENT);
-    try {
-      DataSerializer.writeObject(object, outputStream);
-    } catch (IOException e) {
-      // some classes, such as BackupLock, are Serializable because the extend something
-      // like ReentrantLock but we never serialize them & it doesn't work to try to do
so
-      System.out.println("Not Serializable: " + object.getClass().getName());
-      e.printStackTrace();
-      return;
+  @Test
+  public void testOpenBugsAreInSanctionedSerializables() throws Exception {
+    loadExpectedSerializables();
+    List<String> openBugs = loadOpenBugs(getResourceAsFile(OPEN_BUGS_TXT));
+    Set<String> expectedSerializableClasses = new HashSet<>();
+
+    for (ClassAndVariableDetails details : expectedSerializables) {
+      expectedSerializableClasses.add(details.className);
     }
-    try {
-      Object
-          instance =
-          DataSerializer.readObject(
-              new DataInputStream(new ByteArrayInputStream(outputStream.toByteArray())));
-      fail("I was able to deserialize " + object.getClass().getName());
-    } catch (InvalidClassException e) {
-      // expected
+
+    for (String openBugClass : openBugs) {
+      assertTrue("open bug class: " + openBugClass + " is not present in sanctionedSerializables.txt",
expectedSerializableClasses.contains(openBugClass));
     }
   }
 
+  @Test
+  public void testExcludedClassesAreNotInSanctionedSerializables() throws Exception {
+    loadExpectedSerializables();
+    Set<String> expectedSerializableClasses = new HashSet<>();
+
+    for (ClassAndVariableDetails details : expectedSerializables) {
+      expectedSerializableClasses.add(details.className);
+    }
+
+    List<String> excludedClasses = loadExcludedClasses(getResourceAsFile(EXCLUDED_CLASSES_TXT));
+
+    for (String excludedClass : excludedClasses) {
+      assertFalse("Excluded class: " + excludedClass + " was found in sanctionedSerializables.txt",
expectedSerializableClasses.contains(excludedClass));
+    }
+  }
+
+  @Test
+  public void testSerializingForcedDisconnectException() throws Exception {
+    Throwable forcedDisconnectException = new ForcedDisconnectException("testing");
+    serializeAndDeserializeSanctionedObject(forcedDisconnectException);
+  }
+
   private void serializeAndDeserializeSanctionedObject(Object object) throws Exception {
     HeapDataOutputStream outputStream = new HeapDataOutputStream(Version.CURRENT);
     try {
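Review bot: In the `Externalizable` branch the constructor is stored in the local `cons` and never assigned to `constructor`, so `constructor.newInstance()` after the if/else dereferences null and every Externalizable class that reaches this fallback is reported as "Unable to instantiate". Assign it directly: `constructor = sanctionedClass.getDeclaredConstructor();` followed by `constructor.setAccessible(true);`. The first `try` also leaves `InvocationTargetException` out of its multi-catch, so a constructor that throws aborts the test instead of reaching the serialization-constructor path that the `// fall through` comment implies. `getDeclaredConstructor(null)` is better written `getDeclaredConstructor()` to avoid the varargs-null ambiguity.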
@@ -274,17 +371,17 @@ public class AnalyzeSerializablesJUnitTest {
     } catch (IOException e) {
       // some classes, such as BackupLock, are Serializable because the extend something
       // like ReentrantLock but we never serialize them & it doesn't work to try to do
so
-      System.out.println("Not Serializable: " + object.getClass().getName());
-      e.printStackTrace();
-      return;
+      throw new AssertionError("Not Serializable: " + object.getClass().getName(), e);
     }
     try {
       Object
           instance =
           DataSerializer.readObject(
               new DataInputStream(new ByteArrayInputStream(outputStream.toByteArray())));
+    } catch (CancelException e) {
+      // PDX classes fish for a PDXRegistry and find that there is no cache
     } catch (InvalidClassException e) {
-      fail("I was unable to deserialize " + object.getClass().getName());
+      fail("I was unable to deserialize " + object.getClass().getName(), e);
     }
   }
 
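Review bot: The new empty `catch (CancelException e)` lets `serializeAndDeserializeSanctionedObject` succeed for any class whose read aborts with a CancelException, without establishing that the sanctioned-class filter actually accepted it. At minimum record which classes took that path, e.g. `System.out.println("deserialization not verified (no cache): " + object.getClass().getName());`, so the unverified set is visible in the test output, or cover those classes in a test that has a cache. The local `instance` is assigned but never used and can be dropped.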
@@ -302,7 +399,7 @@ public class AnalyzeSerializablesJUnitTest {
     System.out.println("loadClasses starting");
 
     List<String> excludedClasses = loadExcludedClasses(getResourceAsFile(EXCLUDED_CLASSES_TXT));
-    List<String> openBugs = loadOpenBugs(getResourceAsFile("openBugs.txt"));
+    List<String> openBugs = loadOpenBugs(getResourceAsFile(OPEN_BUGS_TXT));
 
     excludedClasses.addAll(openBugs);
 
@@ -332,12 +429,6 @@ public class AnalyzeSerializablesJUnitTest {
         + (finish - start) / 1000 + " seconds");
   }
 
-  public static List<String> loadExcludedClasses() throws IOException {
-    AnalyzeSerializablesJUnitTest instance = new AnalyzeSerializablesJUnitTest();
-    return instance.loadExcludedClasses(instance.getResourceAsFile(EXCLUDED_CLASSES_TXT));
-  }
-
-
   private List<String> loadExcludedClasses(File exclusionsFile) throws IOException
{
     List<String> excludedClasses = new LinkedList<>();
     FileReader fr = new FileReader(exclusionsFile);
diff --git a/geode-core/src/test/java/org/apache/geode/internal/InternalDataSerializerWhitelistTest.java
b/geode-core/src/test/java/org/apache/geode/internal/InternalDataSerializerWhitelistTest.java
deleted file mode 100644
index 8c97f01..0000000
--- a/geode-core/src/test/java/org/apache/geode/internal/InternalDataSerializerWhitelistTest.java
+++ /dev/null
@@ -1,68 +0,0 @@
-package org.apache.geode.internal;
-
-import static org.junit.Assert.assertTrue;
-
-import java.io.ByteArrayInputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Properties;
-
-import org.junit.Test;
-
-import org.apache.geode.DataSerializer;
-import org.apache.geode.codeAnalysis.AnalyzeSerializablesJUnitTest;
-import org.apache.geode.distributed.internal.DistributedSystemService;
-import org.apache.geode.distributed.internal.DistributionConfig;
-import org.apache.geode.distributed.internal.DistributionConfigImpl;
-
-public class InternalDataSerializerWhitelistTest {
-
-  @Test
-  public void nonWhitelistedObjectIsRejected() throws Exception {
-    List<String> excludedClasses = AnalyzeSerializablesJUnitTest.loadExcludedClasses();
-    DistributionConfig distributionConfig = new DistributionConfigImpl(new Properties());
-    InternalDataSerializer.initialize(distributionConfig, new ArrayList<DistributedSystemService>());
-
-    for (String filePath: excludedClasses) {
-      String className = filePath.replaceAll("/", ".");
-      System.out.println("testing class " + className);
-
-      Class excludedClass = Class.forName(className);
-      assertTrue(excludedClass.getName() + " is not Serializable and should be removed from
excludedClasses.txt",
-          Serializable.class.isAssignableFrom(excludedClass));
-
-      if (excludedClass.isEnum()) {
-        for (Object instance: excludedClass.getEnumConstants()) {
-          serializeAndDeserializeObject(instance);
-        }
-      } else {
-        final Object excludedInstance;
-        try {
-          excludedInstance = excludedClass.newInstance();
-        } catch (InstantiationException | IllegalAccessException e) {
-          // okay - it's in the excludedClasses.txt file after all
-          // IllegalAccessException means that the constructor is private.
-          continue;
-        }
-        serializeAndDeserializeObject(excludedInstance);
-      }
-    }
-  }
-
-  private void serializeAndDeserializeObject(Object object) throws Exception {
-    HeapDataOutputStream outputStream = new HeapDataOutputStream(Version.CURRENT);
-    try {
-      DataSerializer.writeObject(object, outputStream);
-    } catch (IOException e) {
-      // some classes, such as BackupLock, are Serializable because the extend something
-      // like ReentrantLock but we never serialize them & it doesn't work to try to do
so
-      System.out.println("Not Serializable: " + object.getClass().getName());
-      e.printStackTrace();
-      return;
-    }
-    DataSerializer.readObject(new DataInputStream(new ByteArrayInputStream(outputStream.toByteArray())));
-  }
-}
diff --git a/geode-core/src/test/resources/org/apache/geode/codeAnalysis/excludedClasses.txt
b/geode-core/src/test/resources/org/apache/geode/codeAnalysis/excludedClasses.txt
index cae579f..8c3bd33 100644
--- a/geode-core/src/test/resources/org/apache/geode/codeAnalysis/excludedClasses.txt
+++ b/geode-core/src/test/resources/org/apache/geode/codeAnalysis/excludedClasses.txt
@@ -45,4 +45,25 @@ org/apache/geode/internal/security/shiro/GeodeAuthenticationToken
 org/apache/geode/internal/cache/InitialImageOperation$GIITestHook
 org/apache/geode/internal/AvailablePort$Keeper
 org/apache/geode/internal/admin/remote/DistributionLocatorId
-org/apache/geode/ForcedDisconnectException
+org/apache/geode/GemFireCacheException
+org/apache/geode/admin/AlertLevel
+org/apache/geode/distributed/internal/OverflowQueueWithDMStats
+org/apache/geode/distributed/internal/ThrottlingMemLinkedQueueWithDMStats
+org/apache/geode/distributed/internal/membership/gms/messenger/JGAddress
+org/apache/geode/distributed/internal/membership/gms/mgr/GMSMembershipManager$BoundedLinkedHashMap
+org/apache/geode/internal/AbstractConfig$SortedProperties
+org/apache/geode/internal/ObjIdConcurrentMap
+org/apache/geode/internal/ObjIdConcurrentMap$Segment
+org/apache/geode/internal/cache/xmlcache/RegionAttributesCreation
+org/apache/geode/internal/cache/xmlcache/DiskStoreAttributesCreation
+org/apache/geode/internal/hll/HyperLogLog
+org/apache/geode/internal/hll/HyperLogLog$Builder
+org/apache/geode/internal/hll/HyperLogLog$HyperLogLogMergeException
+org/apache/geode/internal/hll/HyperLogLog$SerializationHolder
+org/apache/geode/internal/hll/HyperLogLogPlus
+org/apache/geode/internal/hll/HyperLogLogPlus$Builder
+org/apache/geode/internal/hll/HyperLogLogPlus$Format
+org/apache/geode/internal/hll/HyperLogLogPlus$HyperLogLogPlusMergeException
+org/apache/geode/internal/hll/HyperLogLogPlus$SerializationHolder
+org/apache/geode/internal/tcp/VersionedByteBufferInputStream
+
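Review bot: The 21 added entries carry no reason for being excluded, while the visible test `testExcludedClassesAreNotInSanctionedSerializables` requires every class listed here to be absent from sanctionedSerializables.txt. That presumably decides which classes the whitelist will accept, so a short comment per group (the HyperLogLog classes, the queue and map helpers, the xmlcache Creation classes) would let a later reader tell a deliberate exclusion from a stopgap; openBugs.txt in this same commit already does this with `#` lines. Whether the loader for this file skips `#` lines is not visible here, so confirm that before adding them.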
diff --git a/geode-core/src/test/resources/org/apache/geode/codeAnalysis/openBugs.txt b/geode-core/src/test/resources/org/apache/geode/codeAnalysis/openBugs.txt
index 2096a36..a885e47 100644
--- a/geode-core/src/test/resources/org/apache/geode/codeAnalysis/openBugs.txt
+++ b/geode-core/src/test/resources/org/apache/geode/codeAnalysis/openBugs.txt
@@ -13,11 +13,96 @@
 # ~~~~~~~~~~~~~~~~~~~ DataSerializables ~~~~~~~~~~~~~~~~~~~~~~~~~
 # these are failures from testDataSerializables
 
-50197,org/apache/geode/management/internal/cli/domain/DataCommandRequest
-
-
 # ~~~~~~~~~~~~~~~~~~~ Serializables ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # these are failures from testSerializables
 
 
+# ~~~~~~~~~~~~~~~~~~~ Whitelist Testing ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# these are failures from
+
+# has assertions that throw an InternalGemFireError when deserializing
+????,org/apache/geode/admin/jmx/internal/ConfigurationParameterJmxImpl
+
+# deprecated classes that extend an apache commons class (commons class would have to be
whitelisted)
+????,org/apache/geode/admin/jmx/internal/ConfigAttributeInfo
+????,org/apache/geode/admin/jmx/internal/DynamicManagedBean
+????,org/apache/geode/admin/jmx/internal/StatisticAttributeInfo
+
+# extends javax.print.attribute.EnumSyntax.  Can it be turned into a regular enum?
+????,org/apache/geode/cache/EvictionAction
+????,org/apache/geode/cache/EvictionAlgorithm
+
+# has an incestuous subclass that should be merged into the superclass.
+# see InterestResultPolicyImpl
+????,org/apache/geode/cache/InterestResultPolicy
+
+# deprecated class that does custom serialization
+????,org/apache/geode/cache/RegionAccessException
+????,org/apache/geode/cache/RegionDistributionException
+
+# query class that does custom serialization and throws an NPE in the test
+????,org/apache/geode/cache/query/internal/ObjectIntHashMap
+
+# query classes that extend an ANTLR class (ANTLR would have to be whitelisted)
+????,org/apache/geode/cache/query/internal/parse/ASTAggregateFunc
+????,org/apache/geode/cache/query/internal/parse/ASTAnd
+????,org/apache/geode/cache/query/internal/parse/ASTCombination
+????,org/apache/geode/cache/query/internal/parse/ASTCompareOp
+????,org/apache/geode/cache/query/internal/parse/ASTConstruction
+????,org/apache/geode/cache/query/internal/parse/ASTConversionExpr
+????,org/apache/geode/cache/query/internal/parse/ASTDummy
+????,org/apache/geode/cache/query/internal/parse/ASTGroupBy
+????,org/apache/geode/cache/query/internal/parse/ASTHint
+????,org/apache/geode/cache/query/internal/parse/ASTHintIdentifier
+????,org/apache/geode/cache/query/internal/parse/ASTIdentifier
+????,org/apache/geode/cache/query/internal/parse/ASTImport
+????,org/apache/geode/cache/query/internal/parse/ASTIn
+????,org/apache/geode/cache/query/internal/parse/ASTIteratorDef
+????,org/apache/geode/cache/query/internal/parse/ASTLike
+????,org/apache/geode/cache/query/internal/parse/ASTLimit
+????,org/apache/geode/cache/query/internal/parse/ASTLiteral
+????,org/apache/geode/cache/query/internal/parse/ASTMethodInvocation
+????,org/apache/geode/cache/query/internal/parse/ASTOr
+????,org/apache/geode/cache/query/internal/parse/ASTOrderBy
+????,org/apache/geode/cache/query/internal/parse/ASTParameter
+????,org/apache/geode/cache/query/internal/parse/ASTPostfix
+????,org/apache/geode/cache/query/internal/parse/ASTProjection
+????,org/apache/geode/cache/query/internal/parse/ASTRegionPath
+????,org/apache/geode/cache/query/internal/parse/ASTSelect
+????,org/apache/geode/cache/query/internal/parse/ASTSortCriterion
+????,org/apache/geode/cache/query/internal/parse/ASTTrace
+????,org/apache/geode/cache/query/internal/parse/ASTType
+????,org/apache/geode/cache/query/internal/parse/ASTTypeCast
+????,org/apache/geode/cache/query/internal/parse/ASTUnary
+????,org/apache/geode/cache/query/internal/parse/ASTUndefinedExpr
+????,org/apache/geode/cache/query/internal/parse/ASTUnsupported
+????,org/apache/geode/cache/query/internal/parse/GemFireAST
+
+# This needs a bug report.  This class serializes a DistributionConfigImpl but we
+# have that class in excludedClasses.txt and aren't monitoring it.
+????,org/apache/geode/distributed/internal/DistributionConfigSnapshot
+????,org/apache/geode/distributed/internal/RuntimeDistributionConfigImpl
+
+# class is serializable and causes DataSerializable contents to be java-serialized
+????,org/apache/geode/cache/AttributesFactory$RegionAttributesImpl
+
+# NPE in readResolve()
+????,org/apache/geode/admin/GemFireHealth$Health
+
+# NPE in InternalDataSerializer.processIncomingClassName
+????,org/apache/geode/pdx/internal/PdxInstanceEnum
+
+# NPE in PdxInstanceImpl.sendTo
+????,org/apache/geode/pdx/internal/PdxInstanceImpl
+
+# NPE when serializing
+????,org/apache/geode/pdx/internal/WritablePdxInstanceImpl
 
+# class is an anonymous inner class.  If a new inner class is added to the enclosing
+# class the name of this class may be changed (e.g., $8) and break backward compatibility.
+# The class also has no constructor that the whitelist test can use.
+????,org/apache/geode/internal/cache/PartitionedRegion$7
+????,org/apache/geode/internal/cache/TXFarSideCMTracker$2
+????,org/apache/geode/internal/cache/TXManagerImpl$1
+????,org/apache/geode/internal/cache/partitioned/FetchEntriesMessage$FetchEntriesResponse$1
+????,org/apache/geode/pdx/internal/AutoSerializableManager$1
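Review bot: The comment `# these are failures from` at the top of the new Whitelist Testing section is cut off, and every new entry uses `????` in place of a bug id, so none of these skips can be traced to a ticket. The loadClasses hunk in this commit shows `excludedClasses.addAll(openBugs)`, so each line added here removes a class from the analysis; entries such as the NPE cases and `AttributesFactory$RegionAttributesImpl` (DataSerializable contents being java-serialized) describe real defects rather than expected exclusions. Complete the header, e.g. `# these are failures from sanctionedClassesExistAndDoDeserialize` if that is the test meant (the name is taken from the commit description), and replace `????` with ticket ids before this leaves the work-in-progress branch.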
