XStream2SecurityUtils (Jenkins core 2.454 API)

java.lang.Object
- hudson.util.XStream2SecurityUtils

```
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public class XStream2SecurityUtils
extends Object
```
Strongly inspired by https://github.com/x-stream/xstream/blob/61a00fa225dc99488013869b57b772af8e2fea03/xstream/src/java/com/thoughtworks/xstream/core/SecurityUtils.java#L25 and taking into account https://github.com/x-stream/xstream/issues/282 Once the related issue is fixed, we will be able to use the regular method from XStream.

See Also:

SecurityUtils

Constructor Summary

Constructors
Constructor Description

XStream2SecurityUtils()

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method	Description
`static void`	`checkForCollectionDoSAttack(com.thoughtworks.xstream.converters.UnmarshallingContext context, long startNano)`	Check the consumed time adding elements to collections or maps.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - XStream2SecurityUtils
```
public XStream2SecurityUtils()
```
- Method Detail
  - checkForCollectionDoSAttack
```
public static void checkForCollectionDoSAttack(com.thoughtworks.xstream.converters.UnmarshallingContext context,
                                               long startNano)
```
    Check the consumed time adding elements to collections or maps. Every custom converter should call this method after an unmarshalled element has been added to a collection or map. In case of an attack the operation will take too long, because the calculation of the hash code or the comparison of the elements in the collection operate on recursive structures.
    
    Parameters:
    
    context - the unmarshalling context
    
    startNano - the nanoTime just before the element was added to the collection or map
    
    Since:
    
    1.4.19