/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * See LICENSE.txt included in this distribution for the specific
 * language governing permissions and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at LICENSE.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
 */
package opengrok.auth.plugin.configuration;

import opengrok.auth.plugin.ldap.LdapServer;
import opengrok.auth.plugin.util.WebHook;
import opengrok.auth.plugin.util.WebHooks;

import java.beans.XMLDecoder;
import java.util.Collections;
import java.util.Set;
import java.util.stream.Collectors;

/**
 * Allowlisting class loader meant as a stop-gap guard for {@link XMLDecoder}: it resolves only the classes
 * the plugin configuration format needs and refuses every other class name. The intent is to keep a
 * configuration document from reaching {@link ProcessBuilder}, {@link Runtime} or similar classes whose
 * methods could be used for code execution.
 *
 * <p>Scope of the guard: only {@link #loadClass(String)} is filtered, and the filter is an exact match on
 * the class name. It limits which classes can be resolved through this loader; it does not limit which
 * methods of an allowlisted class a document may invoke, so the list should stay as small as the
 * configuration format permits.
 *
 * <p>NOTE(review): the guard presumably only takes effect when this loader is the one handed to the
 * decoder; the call site is not part of this file, so confirm it there.
 */
public class PluginConfigurationClassLoader extends ClassLoader {

    // Names of the only classes a configuration document may reference.
    private static final Set<String> ALLOWED_CLASS_NAMES = Set.of(
            Collections.class,
            Configuration.class,
            LdapServer.class,
            String.class,
            WebHook.class,
            WebHooks.class,
            XMLDecoder.class
    ).stream().map(Class::getName).collect(Collectors.toSet());

    /**
     * Resolves {@code name} if, and only if, it is on the allowlist.
     *
     * @param name class name requested by the decoder
     * @return the class as loaded by the class loader that loaded this object's class
     * @throws ClassNotFoundException if the delegate loader cannot find an allowlisted class
     * @throws IllegalAccessError if {@code name} is not on the allowlist
     */
    @Override
    public Class<?> loadClass(final String name) throws ClassNotFoundException {
        if (ALLOWED_CLASS_NAMES.contains(name)) {
            final ClassLoader delegate = getClass().getClassLoader();
            return delegate.loadClass(name);
        }

        // NOTE(review): an Error rather than ClassNotFoundException looks deliberate. The JDK bean
        // class lookup is understood to retry with another loader after a ClassNotFoundException,
        // which would bypass the allowlist - confirm before changing the exception type.
        throw new IllegalAccessError(name + " is not allowed to be used in configuration");
    }
}