ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2025-06-17 14:48:16 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Fix another non-serializable exception, add docs, fix a possible security issue. (#2707)

Browse Source 
* Fix another non-serializable exception, add docs, fix a possible security issue.

* Update API definition to reflect methods added to make more exceptions serializable
This commit is contained in:
Mike Hearn
2018-03-02 15:10:54 +01:00
committed by GitHub
parent 799d90b350
commit 80c00b920b
4 changed files with 56 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
node/src/main/kotlin/net/corda/node/services/statemachine/FlowLogicRefFactoryImpl.kt
View File

@ -41,15 +41,21 @@ class FlowLogicRefFactoryImpl(private val classloader: ClassLoader) : SingletonS
}
override fun create(flowClassName: String, vararg args: Any?): FlowLogicRef {
val flowClass = Class.forName(flowClassName, true, classloader).asSubclass(FlowLogic::class.java)
if (flowClass == null) {
throw IllegalArgumentException("The class $flowClassName is not a subclass of FlowLogic.")
} else {
if (!flowClass.isAnnotationPresent(SchedulableFlow::class.java)) {
throw IllegalFlowLogicException(flowClass, "because it's not a schedulable flow")
}
return createForRPC(flowClass, *args)
val flowClass = validatedFlowClassFromName(flowClassName)
if (!flowClass.isAnnotationPresent(SchedulableFlow::class.java)) {
throw IllegalFlowLogicException(flowClass, "because it's not a schedulable flow")
}
return createForRPC(flowClass, *args)
}
private fun validatedFlowClassFromName(flowClassName: String): Class<out FlowLogic<*>> {
val forName = try {
Class.forName(flowClassName, true, classloader)
} catch (e: ClassNotFoundException) {
throw IllegalFlowLogicException(flowClassName, "Flow not found: $flowClassName")
}
return forName.asSubclass(FlowLogic::class.java) ?:
throw IllegalFlowLogicException(flowClassName, "The class $flowClassName is not a subclass of FlowLogic.")
}
override fun createForRPC(flowClass: Class<out FlowLogic<*>>, vararg args: Any?): FlowLogicRef {
@ -93,7 +99,9 @@ class FlowLogicRefFactoryImpl(private val classloader: ClassLoader) : SingletonS
override fun toFlowLogic(ref: FlowLogicRef): FlowLogic<*> {
if (ref !is FlowLogicRefImpl) throw IllegalFlowLogicException(ref.javaClass, "FlowLogicRef was not created via correct FlowLogicRefFactory interface")
val klass = Class.forName(ref.flowLogicClassName, true, classloader).asSubclass(FlowLogic::class.java)
// We re-validate here because a FlowLogicRefImpl could have arrived via deserialization and therefore the
// class name could point to anything at all.
val klass = validatedFlowClassFromName(ref.flowLogicClassName)
return createConstructor(klass, ref.args)()
}