Fix code scanning alert - Deserialization of user-controlled data
northlander opened this issue · comments
Petter Nordlander commented
Tracking issue for:
Petter Nordlander commented
Will close this one. It's about dealing with ObjectMessage from a dump. Not sure it's possible to do without serialization. Of course, ObjectMessage is a security issue in itself, but if someone decide it's safe to deal with them in their broker, then this software should not make any other assumptions.