[jboss-jira] [JBoss JIRA] (WFLY-13426) Optimize marshalling in clustering subsystems using ProtoStream
Paul Ferraro (Jira)
issues at jboss.org
Mon May 18 15:31:06 EDT 2020
[ https://issues.redhat.com/browse/WFLY-13426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14103701#comment-14103701 ]
Paul Ferraro commented on WFLY-13426:
-------------------------------------
That sounds about right. In ProtoStream, only those classes with a predefined protobuf schema can ever be marshalled/unmarshalled.
For those deployments that use JBoss Marshalling, we essentially need a custom ClassResolver [1] implementation, whose resolveClass(...) and resolveProxyClass(...) methods validate class names against some user supplied list before attempting to resolve the class (thus preventing execution of rogue code within static blocks). If the class is allowed to be loaded, then we assume the class is safe to deserialize.
[1] https://github.com/jboss-remoting/jboss-marshalling/blob/master/api/src/main/java/org/jboss/marshalling/ClassResolver.java
> Optimize marshalling in clustering subsystems using ProtoStream
> ---------------------------------------------------------------
>
> Key: WFLY-13426
> URL: https://issues.redhat.com/browse/WFLY-13426
> Project: WildFly
> Issue Type: Task
> Components: Clustering
> Affects Versions: 19.1.0.Final
> Reporter: Paul Ferraro
> Assignee: Paul Ferraro
> Priority: Major
>
> Currently, WildFly uses JBoss Marshalling to marshal user objects (session attributes, SFSB instances, etc.) for the purposes of replication and persistence.
> Protostream (developed by the Infinispan team) offers several advantages over JBoss Marshalling.
> * Lower memory footprint (marshalling schemas are built during compilation time)
> ** Marshalling is granular, thus avoiding lots of large buffer copying
> * Faster marshalling - as it does not rely on reflection
> * Produces generally smaller replication payloads (see https://docs.google.com/spreadsheets/d/1f6FlXqxX7dYm44naHZfqLc5TjqlmscIdGyyfmt5I3f4/edit?usp=sharing )
> * Resolves security concerns due to JBM's reliance on reflection and Java serialization inherently permitting arbitrary execution of rogue code
> * JBoss Marshalling is effectively in maintenance mode
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
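One way to realise the allow-listing ClassResolver that the comment above describes, written here as an added example and not code from WildFly or JBoss Marshalling: it wraps an existing resolver (for instance SimpleClassResolver) and checks every class name in resolveClass(...) and resolveProxyClass(...) before anything is loaded, so a rejected class never reaches its static initializer. The class name AllowListClassResolver, the two allow-list sets and the wiring in the comment are assumptions; the method signatures follow the ClassResolver interface linked at [1].

```java
import java.io.IOException;
import java.io.InvalidClassException;
import java.util.Set;
import org.jboss.marshalling.ClassResolver;
import org.jboss.marshalling.Marshaller;
import org.jboss.marshalling.Unmarshaller;

/** Decorates any ClassResolver and refuses to resolve class names that are not on the allow-list. */
// Wiring (assumed): config.setClassResolver(new AllowListClassResolver(new SimpleClassResolver(loader), classes, packages));
public final class AllowListClassResolver implements ClassResolver {
    private final ClassResolver delegate;
    private final Set<String> allowedClasses;   // exact binary class names, e.g. "java.lang.String"
    private final Set<String> allowedPackages;  // package prefixes, e.g. "com.example.model."

    public AllowListClassResolver(ClassResolver delegate, Set<String> allowedClasses, Set<String> allowedPackages) {
        this.delegate = delegate;
        this.allowedClasses = allowedClasses;
        this.allowedPackages = allowedPackages;
    }

    private void check(String name) throws InvalidClassException {
        // Array types arrive as JVM descriptors ("[Lcom.example.Foo;"): validate the element type.
        String element = name;
        while (element.startsWith("[")) element = element.substring(1);
        if (element.length() == 1) return; // primitive element (I, J, B, ...): nothing to load
        if (element.startsWith("L") && element.endsWith(";")) element = element.substring(1, element.length() - 1);
        if (allowedClasses.contains(element)) return;
        for (String pkg : allowedPackages) if (element.startsWith(pkg)) return;
        // Rejecting here means the class is never loaded, so its static initializer never runs.
        throw new InvalidClassException(name, "class not permitted by deserialization allow-list");
    }

    @Override
    public Class<?> resolveClass(Unmarshaller unmarshaller, String name, long serialVersionUID)
            throws IOException, ClassNotFoundException {
        check(name);
        return delegate.resolveClass(unmarshaller, name, serialVersionUID);
    }

    @Override
    public Class<?> resolveProxyClass(Unmarshaller unmarshaller, String[] interfaces)
            throws IOException, ClassNotFoundException {
        for (String iface : interfaces) check(iface); // proxies are resolved by interface name
        return delegate.resolveProxyClass(unmarshaller, interfaces);
    }

    // Marshalling side is unchanged: pass straight through to the delegate.
    @Override public void annotateClass(Marshaller m, Class<?> c) throws IOException { delegate.annotateClass(m, c); }
    @Override public void annotateProxyClass(Marshaller m, Class<?> c) throws IOException { delegate.annotateProxyClass(m, c); }
    @Override public String getClassName(Class<?> c) throws IOException { return delegate.getClassName(c); }
    @Override public String[] getProxyInterfaces(Class<?> c) throws IOException { return delegate.getProxyInterfaces(c); }
}
```

The allow-list has to include the JDK types the payload legitimately carries (collections, boxed primitives, and so on), otherwise valid session state is rejected; a rejected name surfaces as an InvalidClassException from the unmarshaller, which is the event worth logging.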