Package io.codemodder.codemods
Class HardenJavaDeserializationCodemod
java.lang.Object
io.codemodder.javaparser.JavaParserChanger
io.codemodder.CompositeJavaParserChanger
io.codemodder.codemods.HardenJavaDeserializationCodemod
- All Implemented Interfaces:
io.codemodder.CodeChanger
@Codemod(id="pixee:java/harden-java-deserialization",
importance=HIGH,
reviewGuidance=MERGE_WITHOUT_REVIEW)
public final class HardenJavaDeserializationCodemod
extends io.codemodder.CompositeJavaParserChanger
Adds gadget filtering logic to
ObjectInputStream.-
Field Summary
Fields inherited from class io.codemodder.javaparser.JavaParserChanger
reporter -
Constructor Summary
ConstructorsConstructorDescriptionHardenJavaDeserializationCodemod(io.codemodder.codemods.HardenJavaDeserializationCodemod.VariableDeclarationDeserializationShapeChanger varDeclChanger, io.codemodder.codemods.HardenJavaDeserializationCodemod.AnonymousDeserializationShapeChanger anonymousChanger) -
Method Summary
Methods inherited from class io.codemodder.CompositeJavaParserChanger
getIncludesExcludesPattern, supports, visitMethods inherited from class io.codemodder.javaparser.JavaParserChanger
getDescription, getIndividualChangeDescription, getReferences, getSummaryMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface io.codemodder.CodeChanger
shouldRun
-
Constructor Details
-
HardenJavaDeserializationCodemod
@Inject public HardenJavaDeserializationCodemod(io.codemodder.codemods.HardenJavaDeserializationCodemod.VariableDeclarationDeserializationShapeChanger varDeclChanger, io.codemodder.codemods.HardenJavaDeserializationCodemod.AnonymousDeserializationShapeChanger anonymousChanger)
-