Serialization of object identity
Remi Forax
forax at univ-mlv.fr
Wed Jun 12 19:55:19 UTC 2019
----- Original Message -----
> From: "Brian Goetz" <brian.goetz at oracle.com>
> To: "Nir Lisker" <nlisker at gmail.com>, "amber-dev" <amber-dev at openjdk.java.net>
> Sent: Wednesday 12 June 2019 21:26:34
> Subject: Re: Serialization of object identity
>> In fact, the cyclic graph issue is a result of an inability to represent
>> object identity in serialization, which is a much larger problem.
>
> Actually, they're two entirely different problems.
>
> The challenge with cyclic graphs is not that we have to respect identity
> -- that can be done (it is up to a particular serialization to decide if
> it is going to do so.) The challenge with cyclic graphs is that
> logically cyclic graphs cannot, in general, be reproduced through a
> series of constructor calls -- some mutation is required as well. Which
> conflicts with our main security goal, that deserialization proceed
> through constructors.
>
> (It is possible, at the cost of significant complexity for both the
> framework and class authors, to have a more complex model that can
> reflect post-construction mutation -- but the incremental complexity and
> risk is significant.)
It's not fully true because you can leak "this" and then mutate a field inside the constructor.

import java.util.function.Function;

class A {
  final B b;
  A(Function<A,B> fun) {
    // 'this' escapes before 'b' is assigned, so fun can build a B that points back to this A
    b = fun.apply(this);
  }
}
class B {
  final A a;
  B(A a) {
    this.a = a;
  }
}
// A and B now reference each other, built only through constructor calls
new A(B::new);
Rémi
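To make the hazard in that trick concrete, here is an added example (not code from the original post) that builds the same A/B cycle and records that B's constructor observes A before A's final field has been written; the class names, the isCycle helper and the sawUnfinishedA field are assumptions of this example.

```java
import java.util.function.Function;

public final class CycleViaLeakedThis {
    // Mirrors the A/B pair from the post: A's constructor hands 'this' to a
    // function that produces the B it will store.
    static final class A {
        final B b;
        A(Function<A, B> fun) {
            // 'this' escapes here while 'b' is still unassigned, so the callee
            // sees a partially constructed A.
            b = fun.apply(this);
        }
    }

    static final class B {
        final A a;
        final boolean sawUnfinishedA;
        B(A a) {
            this.a = a;
            // At this point A's final field 'b' has not been written yet,
            // which is exactly what "deserialize through constructors" is
            // meant to rule out: an object visible before its invariants hold.
            this.sawUnfinishedA = (a.b == null);
        }
    }

    // True when the two objects reference each other.
    static boolean isCycle(A a) {
        return a.b != null && a.b.a == a;
    }

    public static void main(String[] args) {
        A a = new A(B::new);
        System.out.println("cycle built through constructors only: " + isCycle(a));
        System.out.println("B observed A before its final field was set: " + a.b.sawUnfinishedA);
    }
}
```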