BAEL-4946 moved deserialization vulnerabilities code to a new package
This commit is contained in:
parent
06aa7787bf
commit
ef8ca20541
|
@ -13,7 +13,7 @@ public class BadThingUnitTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@DisplayName("When a BadThing object is deserialized, then code execution in MyCustomAttackObject is run.")
|
@DisplayName("When a BadThing object is deserialized, then code execution in MyCustomAttackObject is run.")
|
||||||
public void testCodeExecution() throws Exception {
|
public void givenABadThingObject_whenItsDeserialized_thenExecutionIsRun() throws Exception {
|
||||||
BadThing bt = new BadThing();
|
BadThing bt = new BadThing();
|
||||||
|
|
||||||
bt.looselyDefinedThing = new MyCustomAttackObject();
|
bt.looselyDefinedThing = new MyCustomAttackObject();
|
Loading…
Reference in New Issue