Closed Marcono1234 closed 9 months ago
Thanks for your reviews! I just noticed a small typo in the tests and have pushed a commit for that and merged the changes from master
into this branch; I hope that is ok. Please let me know if I should squash the commits of this PR.
Because signature files are created using Java Serialization, adds a new `SignatureObjectInputStream` which restricts the classes which are allowed to be loaded when reading signature files to increase security.

I hope these changes are fine security-wise, but please let me know if I overlooked something or failed to consider something.
I have tested these changes with the following signatures to make sure that they can still be loaded successfully:
org.codehaus.mojo.signature:java12:1.0
org.codehaus.mojo.signature:java18:1.0
net.sf.androidscents.signature:android-api-level-1:1.0_r2
net.sf.androidscents.signature:android-api-level-32:12_r1
com.toasttab.android:gummy-bears-api-19:0.0.2
com.toasttab.android:gummy-bears-api-33:0.5.1
But feel free to perform additional tests to be safe.

Relates to #252

But I don't think this resolves that issue fully or renders it obsolete. A different file format which is inherently safer would still be better than having to implement additional security measures on top of Java Serialization, as done in this pull request.