RFR: 8275338: Add JFR events for notable serialization situations [v4]
Jaikiran Pai
jpai at openjdk.org
Tue Dec 19 14:55:50 UTC 2023
On Tue, 19 Dec 2023 12:21:05 GMT, Raffaello Giulietti <rgiulietti at openjdk.org> wrote:
>> Adds serialization misdeclaration events to JFR.
>
> Raffaello Giulietti has updated the pull request incrementally with one additional commit since the last revision:
>
> Better name for a label, corrected name of removed field.
src/java.base/share/classes/java/io/SerializationMisdeclarationChecker.java line 94:
> 92: if (!isPrivate(f)) {
> 93: commitEvent(SUID_PRIVATE,
> 94: SUID_NAME + " should be declared private");
Rest of the event messages use "... to be effective", should this one too use a similar text?
src/java.base/share/classes/java/io/SerializationMisdeclarationChecker.java line 108:
> 106: SUID_NAME + " should be declared of type long");
> 107: }
> 108: if (!isStatic(f)) {
Nit - perhaps save the return value from the previous call to `isStatic(f)` a few lines above and reuse it here?
src/java.base/share/classes/java/io/SerializationMisdeclarationChecker.java line 112:
> 110: }
> 111: f.setAccessible(true);
> 112: if (getLong(f) == null) {
Is this check and the `setAccessible()` needed if a few lines above, the call to `f.getType()` returns `Long.TYPE` (i.e. primitive type)? Perhaps we can conditionally do these additional checks and calls, only if `f.getType()` isn't a primitive?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17129#discussion_r1431512491
PR Review Comment: https://git.openjdk.org/jdk/pull/17129#discussion_r1431506705
PR Review Comment: https://git.openjdk.org/jdk/pull/17129#discussion_r1431511005
More information about the security-dev
mailing list