[ https://issues.apache.org/jira/browse/CAMEL-23782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrea Cosentino resolved CAMEL-23782.
--------------------------------------
    Resolution: Fixed

> camel-leveldb: apply an ObjectInputFilter to aggregation-repository key deserialization
> ---------------------------------------------------------------------------------------
>
>                 Key: CAMEL-23782
>                 URL: https://issues.apache.org/jira/browse/CAMEL-23782
>             Project: Camel
>          Issue Type: Improvement
>          Components: camel-leveldb
>            Reporter: Andrea Cosentino
>            Assignee: Andrea Cosentino
>            Priority: Major
>             Fix For: 4.14.8, 4.18.3, 4.21.0
>
>
> h3. Problem
> In {{DefaultLevelDBSerializer}}, the exchange deserialization path uses a 
> {{ClassLoadingAwareObjectInputStream}} with a configured 
> {{ObjectInputFilter}}, but {{deserializeKey(byte[])}} reads key bytes via a 
> raw {{ObjectInputStream}} with no filter. For defense-in-depth this 
> aggregation-repository key path should apply the same conservative filter as 
> the exchange path, consistent with the ObjectInputFilter hardening already 
> applied to other Camel deserialization sites.
> h3. Evidence
> * 
> components/camel-leveldb/src/main/java/org/apache/camel/component/leveldb/serializer/DefaultLevelDBSerializer.java:44
>  (raw new ObjectInputStream(...) in deserializeKey)
> * same file :81-84 (exchange path with setObjectInputFilter)
> h3. Suggested fix
> Wrap key deserialization in a ClassLoadingAwareObjectInputStream and apply 
> the same default ObjectInputFilter (keys are typically String, so a tight 
> allowlist is appropriate).
> h3. Acceptance criteria
> * deserializeKey applies an ObjectInputFilter consistent with the exchange path
> * Default key types (e.g. String) still deserialize correctly
> * A unit test covers key round-trip and rejection of an unexpected class
> * Upgrade guide notes the tightened default if any previously-working key class is now rejected
> _Created by Claude Code on behalf of Andrea Cosentino._
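The contrast the issue describes, as an added stand-alone illustration that is not Camel's code: the unfiltered key path loads whatever class the stored bytes name, while the hardened path sets an ObjectInputFilter before readObject(). It uses plain JDK ObjectInputStream rather than Camel's ClassLoadingAwareObjectInputStream, and the allowlist pattern "java.lang.String;!*" is an assumption matching the issue's note that keys are typically String.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.util.ArrayList;
import java.util.List;

/** Illustration only (not Camel's DefaultLevelDBSerializer) of filtered key deserialization. */
public class KeyFilterDemo {
    // Assumed tight allowlist: String is accepted, the trailing "!*" rejects every other class.
    static final ObjectInputFilter KEY_FILTER =
            ObjectInputFilter.Config.createFilter("java.lang.String;!*");

    // The shape the issue flags: no filter, so any Serializable class on the classpath loads.
    static Object deserializeKeyUnfiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return ois.readObject();
        }
    }

    // Hardened variant: the filter is installed on the stream before readObject() runs.
    static Object deserializeKeyFiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            ois.setObjectInputFilter(KEY_FILTER);
            return ois.readObject();
        }
    }

    static byte[] serialize(Object key) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(key);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample inputs: an ordinary String key and an unexpected key type.
        byte[] stringKey = serialize("order-42");
        byte[] listKey = serialize(new ArrayList<>(List.of("x")));
        System.out.println("filtered String key: " + deserializeKeyFiltered(stringKey));
        System.out.println("unfiltered ArrayList key: " + deserializeKeyUnfiltered(listKey));
        try {
            deserializeKeyFiltered(listKey);
        } catch (InvalidClassException e) {
            // The JDK reports a rejected class as InvalidClassException ("filter status: REJECTED").
            System.out.println("filtered ArrayList key rejected: " + e.getMessage());
        }
    }
}
```

A unit test for the acceptance criteria above would assert the String round-trip succeeds and that the ArrayList input throws InvalidClassException under the filter.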



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
