-
Bug
-
Resolution: Fixed
-
Minor
-
Jenkins v 2.109
java version "1.8.0_161"
Java(TM) SE Runtime Environment (build 1.8.0_161-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.161-b12, mixed mode)
We make use of the ConcurrentLinkedQueue class, and which is not white-listed like other concurrent collections are. The unmarshalling and marshalling of the field fails with the following error:
Feb 28, 2018 9:08:22 AM WARNING jenkins.security.ClassFilterImpl lambda$isBlacklisted$1
java.util.concurrent.ConcurrentLinkedQueue in JRE might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/
java.lang.UnsupportedOperationException: Refusing to marshal java.util.concurrent.ConcurrentLinkedQueue for security reasons; see https://jenkins.io/redirect/class-filter/
at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:543)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
Code changed in jenkins
User: Carl-Frederik Hallberg
Path:
core/src/main/resources/jenkins/security/whitelisted-classes.txt
http://jenkins-ci.org/commit/jenkins/e5f61e29e260688d7d73339202c22ca199535018
Log:
JENKINS-49788Added ConcurrentLinkedQueue to whitelisted classes. (#3315)