io.codemodder.javaparser.JavaParserChanger

io.codemodder.CompositeJavaParserChanger

io.codemodder.codemods.HardenJavaDeserializationCodemod

All Implemented Interfaces:: io.codemodder.CodeChanger

@Codemod(id="pixee:java/harden-java-deserialization", importance=HIGH, reviewGuidance=MERGE_WITHOUT_REVIEW) public final class HardenJavaDeserializationCodemod extends io.codemodder.CompositeJavaParserChanger

Adds gadget filtering logic to ObjectInputStream.

Field Summary

Fields inherited from class io.codemodder.javaparser.JavaParserChanger
reporter
Constructor Summary

Constructors

Constructor

Description

HardenJavaDeserializationCodemod(io.codemodder.codemods.HardenJavaDeserializationCodemod.VariableDeclarationDeserializationShapeChanger varDeclChanger, io.codemodder.codemods.HardenJavaDeserializationCodemod.AnonymousDeserializationShapeChanger anonymousChanger)
Method Summary

Methods inherited from class io.codemodder.CompositeJavaParserChanger
shouldRun, visit

Methods inherited from class io.codemodder.javaparser.JavaParserChanger
getDescription, getIndividualChangeDescription, getReferences, getSummary

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- HardenJavaDeserializationCodemod
  
  @Inject public HardenJavaDeserializationCodemod(io.codemodder.codemods.HardenJavaDeserializationCodemod.VariableDeclarationDeserializationShapeChanger varDeclChanger, io.codemodder.codemods.HardenJavaDeserializationCodemod.AnonymousDeserializationShapeChanger anonymousChanger)

Class HardenJavaDeserializationCodemod

Field Summary

Fields inherited from class io.codemodder.javaparser.JavaParserChanger

Constructor Summary

Method Summary

Methods inherited from class io.codemodder.CompositeJavaParserChanger

Methods inherited from class io.codemodder.javaparser.JavaParserChanger

Methods inherited from class java.lang.Object

Constructor Details

HardenJavaDeserializationCodemod