Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-49070

java.math.BigDecimal in JRE might be dangerous (JEP in 2.103)

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Received this stacktrace for a build on a Linux slave after upgrade to v 2.103  (didn't install 2.102, so not sure if it was present there):

      java.lang.UnsupportedOperationException: Refusing to marshal java.math.BigDecimal for security reasons; see https://jenkins.io/redirect/class-filter/
       at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:530)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:51)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
       at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTValue#value for class org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTValue$1
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
       at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
       at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
       at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
       at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
       at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
       at com.thoughtworks.xstream.converters.collections.MapConverter.marshal(MapConverter.java:79)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
       at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTNamedArgumentList#arguments for class org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTNamedArgumentList
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
       at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
       at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
       at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
       at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
       at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTStep#args for class org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTStep
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
       at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
       at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
       at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
       at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
       at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
       at com.thoughtworks.xstream.converters.collections.CollectionConverter.marshal(CollectionConverter.java:74)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
       at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTBranch#steps for class org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTBranch
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
       at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
       at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
       at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
       at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
       at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
       at com.thoughtworks.xstream.converters.collections.CollectionConverter.marshal(CollectionConverter.java:74)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
       at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTStage#branches for class org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTStage
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
       at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
       at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
       at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
       at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
       at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
       at com.thoughtworks.xstream.converters.collections.CollectionConverter.marshal(CollectionConverter.java:74)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
       at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTStages#stages for class org.jenkinsci.plugins.pipeline.modeldefinition.ast.ModelASTStages
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
       at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
       at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
       at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
       at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
       at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
       at com.thoughtworks.xstream.converters.collections.CollectionConverter.marshal(CollectionConverter.java:74)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
       at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize org.jenkinsci.plugins.pipeline.modeldefinition.actions.ExecutionModelAction#stagesList for class org.jenkinsci.plugins.pipeline.modeldefinition.actions.ExecutionModelAction
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
       at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
       at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
       at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
       at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
       at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
       at com.thoughtworks.xstream.converters.collections.CollectionConverter.marshal(CollectionConverter.java:74)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
       at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize hudson.model.Actionable#actions for class org.jenkinsci.plugins.workflow.job.WorkflowRun
       at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
       at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
       at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
       at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
       at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
       at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
       at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
       at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:82)
       at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
       at com.thoughtworks.xstream.XStream.marshal(XStream.java:1026)
       at com.thoughtworks.xstream.XStream.marshal(XStream.java:1015)
       at com.thoughtworks.xstream.XStream.toXML(XStream.java:988)
       at hudson.XmlFile.write(XmlFile.java:194)
      Caused: java.io.IOException
       at hudson.XmlFile.write(XmlFile.java:201)
       at hudson.model.Run.save(Run.java:1923)
       at hudson.BulkChange.commit(BulkChange.java:98)
       at org.jenkinsci.plugins.workflow.cps.CpsFlowExecution.notifyListeners(CpsFlowExecution.java:1229)
       at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$3.run(CpsThreadGroup.java:408)
       at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$1.run(CpsVmExecutorService.java:35)
       at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
       at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
       at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
       at java.util.concurrent.FutureTask.run(FutureTask.java:266)
       at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
       at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
       at java.lang.Thread.run(Thread.java:748)  

      Jenkins master information:

      os.name = Linux
      os.version = 3.16.0-5-amd64
      java.runtime.name = OpenJDK Runtime Environment
      java.runtime.version = 1.8.0_131-8u131-b11-1~bpo8+1-b11
      pipeline-model-definition = version 1.2.6

      Jenkins build slave information:

      os.name = Linux
      os.version = 3.16.0-5-amd64
      java.runtime.name = Java(TM) SE Runtime Environment
      java.runtime.version = 1.8.0_121-b13

        Attachments

          Activity

          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Yey, I was sure that BigSomething types will blow up somewhere

          Show
          oleg_nenashev Oleg Nenashev added a comment - Yey, I was sure that BigSomething types will blow up somewhere
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Pieter-Jan Busschaert could you please provide your Pipeline script? I'd guess the issue is not related to the Pipeline Model Definition plugin itself, but it comes from another plugin or local variable which we need to triage

          Show
          oleg_nenashev Oleg Nenashev added a comment - Pieter-Jan Busschaert could you please provide your Pipeline script? I'd guess the issue is not related to the Pipeline Model Definition plugin itself, but it comes from another plugin or local variable which we need to triage
          Hide
          pjaytycy Pieter-Jan Busschaert added a comment -

          Pipeline script (slightly edited to remove private info):

          pipeline {
              agent { label 'python2 && linux' }
          
              stages {
                  stage('Test') {
                      steps {
                          sh 'python -m <path_to_module_to_test>'
                      }
                  }
                  stage('Collect'){
                      steps {
                          junit healthScaleFactor: 5.0, testResults: '<test_output_dir>/*.xml'
                          step([$class: 'CoberturaPublisher', coberturaReportFile: 'coverage.xml'])
                      }
                  }
              }
              
              post {
                  always {
                      step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: '<my_email>', sendToIndividuals: true])
                  }
              }
          }
          Show
          pjaytycy Pieter-Jan Busschaert added a comment - Pipeline script (slightly edited to remove private info): pipeline { agent { label 'python2 && linux' } stages { stage( 'Test' ) { steps { sh 'python -m <path_to_module_to_test>' } } stage( 'Collect' ){ steps { junit healthScaleFactor: 5.0, testResults: '<test_output_dir>/*.xml' step([$class: 'CoberturaPublisher' , coberturaReportFile: 'coverage.xml' ]) } } } post { always { step([$class: 'Mailer' , notifyEveryUnstableBuild: true , recipients: '<my_email>' , sendToIndividuals: true ]) } } }
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Will try to reproduce it. Maybe "5.0" gets converted in a weird way.
          Pieter-Jan Busschaert would iy be possible to get a full build log? It would allow to discover the step where the serialization fails

          Show
          oleg_nenashev Oleg Nenashev added a comment - Will try to reproduce it. Maybe "5.0" gets converted in a weird way. Pieter-Jan Busschaert would iy be possible to get a full build log? It would allow to discover the step where the serialization fails
          Hide
          pjaytycy Pieter-Jan Busschaert added a comment -

          build log:

          Started by an SCM change
          Lightweight checkout support not available, falling back to full checkout.
          Checking out svn <svn_repo_url> into /var/lib/jenkins/jobs/<job_name>/workspace@script to read Jenkinsfile
          Updating <svn_repo_url> at revision '2018-01-22T09:37:09.544 +0100'
          Using sole credentials <username>/****** in realm <svn_realm>
          At revision 2672
          
          No changes for <svn_repo_url> since the previous build
          [Pipeline] End of Pipeline 
          java.lang.UnsupportedOperationException: Refusing to marshal java.math.BigDecimal for security reasons; see https://jenkins.io/redirect/class-filter/
          at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:530)
          ...
          Show
          pjaytycy Pieter-Jan Busschaert added a comment - build log: Started by an SCM change Lightweight checkout support not available, falling back to full checkout. Checking out svn <svn_repo_url> into / var /lib/jenkins/jobs/<job_name>/workspace@script to read Jenkinsfile Updating <svn_repo_url> at revision '2018-01-22T09:37:09.544 +0100' Using sole credentials <username>/****** in realm <svn_realm> At revision 2672 No changes for <svn_repo_url> since the previous build [Pipeline] End of Pipeline java.lang.UnsupportedOperationException: Refusing to marshal java.math.BigDecimal for security reasons; see https: //jenkins.io/redirect/ class- filter/ at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:530) ...
          Hide
          pjaytycy Pieter-Jan Busschaert added a comment -

          I can confirm changing the "junit healtScaleFactor" from 5.0 to 5 in the Jenkinsfile solved the issue.

           

          Note: the pipeline syntax generator in Jenkins generates "5.0" even if I enter "5" in the parameter field.

          Show
          pjaytycy Pieter-Jan Busschaert added a comment - I can confirm changing the "junit healtScaleFactor" from 5.0 to 5 in the Jenkinsfile solved the issue.   Note: the pipeline syntax generator in Jenkins generates "5.0" even if I enter "5" in the parameter field.
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Let's fix it on the core side. Likely somebody should fix Snippet Generator as well, but this is a minor issue

          Show
          oleg_nenashev Oleg Nenashev added a comment - Let's fix it on the core side. Likely somebody should fix Snippet Generator as well, but this is a minor issue
          Hide
          oleg_nenashev Oleg Nenashev added a comment -
          Show
          oleg_nenashev Oleg Nenashev added a comment - Created https://github.com/jenkinsci/jenkins/pull/3251 to the core
          Hide
          jglick Jesse Glick added a comment -

          This has nothing to do with Snippetizer, which would bind Float or Double. Whatever ModelASTValue.value is supposed to be (just typed as Object), that is what is causing problems. Likely a flaw in Declarative somewhere Andrew Bayer.

          Show
          jglick Jesse Glick added a comment - This has nothing to do with Snippetizer , which would bind Float or Double . Whatever ModelASTValue.value is supposed to be (just typed as Object ), that is what is causing problems. Likely a flaw in Declarative somewhere Andrew Bayer .
          Hide
          jglick Jesse Glick added a comment -

          So the first PR to be created should be in pipeline-model-definition-plugin/pipeline-model-api I suppose.

          Show
          jglick Jesse Glick added a comment - So the first PR to be created should be in pipeline-model-definition-plugin/pipeline-model-api I suppose.
          Hide
          abayer Andrew Bayer added a comment -

          ModelASTValue.value can be a boolean, a number, or a string, in practice. The string may actually represent a GString, but it's not an instance of a GString.

          Show
          abayer Andrew Bayer added a comment - ModelASTValue.value can be a boolean, a number, or a string, in practice. The string may actually represent a GString, but it's not an instance of a GString.
          Hide
          abayer Andrew Bayer added a comment -

          Got a PR up at https://github.com/jenkinsci/pipeline-model-definition-plugin/pull/239 to prevent Declarative from storing BigDecimal or BigInteger in its AST model at all - Groovy parses 0.1 as a BigDecimal, so we will now convert that before we store it, while we'll throw a validation error for use of an integer constant bigger than Long.MAX_VALUE.

          Show
          abayer Andrew Bayer added a comment - Got a PR up at https://github.com/jenkinsci/pipeline-model-definition-plugin/pull/239 to prevent Declarative from storing BigDecimal or BigInteger in its AST model at all - Groovy parses 0.1 as a BigDecimal , so we will now convert that before we store it, while we'll throw a validation error for use of an integer constant bigger than Long.MAX_VALUE .
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          core/src/main/resources/jenkins/security/whitelisted-classes.txt
          http://jenkins-ci.org/commit/jenkins/1393f69359145bf14e0da19ae328b51ba9be34bd
          Log:
          JENKINS-49070 - Whitelist BigDecimal and BigInteger

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: core/src/main/resources/jenkins/security/whitelisted-classes.txt http://jenkins-ci.org/commit/jenkins/1393f69359145bf14e0da19ae328b51ba9be34bd Log: JENKINS-49070 - Whitelist BigDecimal and BigInteger
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          core/src/main/resources/jenkins/security/whitelisted-classes.txt
          http://jenkins-ci.org/commit/jenkins/b550c33301dfa66137a980957a97b4c65f431522
          Log:
          Merge pull request #3251 from oleg-nenashev/feature/JENKINS-49070-big-decimal

          JENKINS-49070 - Whitelist BigDecimal and BigInteger

          Compare: https://github.com/jenkinsci/jenkins/compare/31d3573c5869...b550c33301df

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: core/src/main/resources/jenkins/security/whitelisted-classes.txt http://jenkins-ci.org/commit/jenkins/b550c33301dfa66137a980957a97b4c65f431522 Log: Merge pull request #3251 from oleg-nenashev/feature/ JENKINS-49070 -big-decimal JENKINS-49070 - Whitelist BigDecimal and BigInteger Compare: https://github.com/jenkinsci/jenkins/compare/31d3573c5869...b550c33301df
          Hide
          pjaytycy Pieter-Jan Busschaert added a comment -

          Thanks for investigating and fixing this issue so fast! Really appreciated.

          Show
          pjaytycy Pieter-Jan Busschaert added a comment - Thanks for investigating and fixing this issue so fast! Really appreciated.
          Hide
          danielbeck Daniel Beck added a comment -

          Resolved towards 2.104.

          Show
          danielbeck Daniel Beck added a comment - Resolved towards 2.104.
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Andrew Bayer
          Path:
          pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/ModelParser.groovy
          pipeline-model-definition/src/main/resources/org/jenkinsci/plugins/pipeline/modeldefinition/Messages.properties
          pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/BasicModelDefTest.java
          pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/ValidatorTest.java
          pipeline-model-definition/src/test/resources/bigDecimalConverts.groovy
          pipeline-model-definition/src/test/resources/errors/bigIntegerFailure.groovy
          http://jenkins-ci.org/commit/pipeline-model-definition-plugin/029b1f981eb9e924cb93991ed895682fb179d068
          Log:
          JENKINS-49070 Avoid serializing BigDecimal and BigInteger in the model

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Andrew Bayer Path: pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/ModelParser.groovy pipeline-model-definition/src/main/resources/org/jenkinsci/plugins/pipeline/modeldefinition/Messages.properties pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/BasicModelDefTest.java pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/ValidatorTest.java pipeline-model-definition/src/test/resources/bigDecimalConverts.groovy pipeline-model-definition/src/test/resources/errors/bigIntegerFailure.groovy http://jenkins-ci.org/commit/pipeline-model-definition-plugin/029b1f981eb9e924cb93991ed895682fb179d068 Log: JENKINS-49070 Avoid serializing BigDecimal and BigInteger in the model
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Andrew Bayer
          Path:
          Jenkinsfile
          pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/ModelParser.groovy
          pipeline-model-definition/src/main/resources/org/jenkinsci/plugins/pipeline/modeldefinition/Messages.properties
          pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/BasicModelDefTest.java
          pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/ValidatorTest.java
          pipeline-model-definition/src/test/resources/bigDecimalConverts.groovy
          pipeline-model-definition/src/test/resources/errors/bigIntegerFailure.groovy
          http://jenkins-ci.org/commit/pipeline-model-definition-plugin/6fd36ef29323d404945057cb6a94b7234f56e95b
          Log:
          Merge pull request #239 from abayer/jenkins-49070

          JENKINS-49070 Avoid serializing BigDecimal and BigInteger in the model

          Compare: https://github.com/jenkinsci/pipeline-model-definition-plugin/compare/7736888a9226...6fd36ef29323

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Andrew Bayer Path: Jenkinsfile pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/ModelParser.groovy pipeline-model-definition/src/main/resources/org/jenkinsci/plugins/pipeline/modeldefinition/Messages.properties pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/BasicModelDefTest.java pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/ValidatorTest.java pipeline-model-definition/src/test/resources/bigDecimalConverts.groovy pipeline-model-definition/src/test/resources/errors/bigIntegerFailure.groovy http://jenkins-ci.org/commit/pipeline-model-definition-plugin/6fd36ef29323d404945057cb6a94b7234f56e95b Log: Merge pull request #239 from abayer/jenkins-49070 JENKINS-49070 Avoid serializing BigDecimal and BigInteger in the model Compare: https://github.com/jenkinsci/pipeline-model-definition-plugin/compare/7736888a9226...6fd36ef29323
          Hide
          abayer Andrew Bayer added a comment -

          And Declarative 1.2.7 (releasing shortly) fixes this from the other side by preventing potential serialization of BigDecimal in the first place by overriding Groovy's behavior of taking any floating-point literal as a BigDecimal (i.e., def foo = 0.1; foo instanceof BigDecimal).

          Show
          abayer Andrew Bayer added a comment - And Declarative 1.2.7 (releasing shortly) fixes this from the other side by preventing potential serialization of BigDecimal in the first place by overriding Groovy's behavior of taking any floating-point literal as a BigDecimal (i.e., def foo = 0.1; foo instanceof BigDecimal ).

            People

            • Assignee:
              oleg_nenashev Oleg Nenashev
              Reporter:
              pjaytycy Pieter-Jan Busschaert
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: