Insecure Deserialization

Verified by Precogs Threat Research
Security Guide | A08:2025

What is Insecure Deserialization?

Insecure deserialization occurs when an application deserializes (converts from byte stream to object) untrusted data without proper validation. Attackers craft malicious serialized objects that execute code during the deserialization process.

How Does it Work?

Many languages have serialization formats (Java ObjectInputStream, Python pickle, PHP unserialize, .NET BinaryFormatter) that can instantiate arbitrary objects during deserialization. Attackers craft "gadget chains" — sequences of existing classes that achieve code execution when deserialized.

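# VULNERABLE: Python pickle deserialization
import pickle
data = request.body  # Untrusted bytes from the web framework's request object
obj = pickle.loads(data)  # Arbitrary code execution!

# How the attack works:
import pickle, os
class Exploit:
    def __reduce__(self):
        # pickle stores this (callable, args) pair and calls it on load
        return (os.system, ("id",))
payload = pickle.dumps(Exploit())
# When deserialized, executes 'id' command

# SECURE: Use JSON with schema validation
import json, jsonschema
data = json.loads(request.body)
# schema: JSON Schema dict describing the expected payload;
# validate() raises jsonschema.ValidationError on a mismatch
jsonschema.validate(data, schema)

// VULNERABLE: Java ObjectInputStream
import java.io.ObjectInputStream;

ObjectInputStream in = new ObjectInputStream(inputStream);
MyObject obj = (MyObject) in.readObject(); // Gadget chain execution!

// SECURE: Use JSON with strict type mapping
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.jsontype.BasicPolymorphicTypeValidator;
import com.fasterxml.jackson.databind.jsontype.PolymorphicTypeValidator;

ObjectMapper mapper = new ObjectMapper();
// Default typing is off by default. Enable it only if polymorphic fields
// require it, and then only with an allow-listing validator.
PolymorphicTypeValidator ptv = BasicPolymorphicTypeValidator.builder()
    .allowIfSubType(MyObject.class)
    .build();
mapper.activateDefaultTyping(ptv);
MyObject obj = mapper.readValue(jsonString, MyObject.class);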

Real-World Examples

Log4Shell (CVE-2021-44228) involved JNDI deserialization leading to RCE. The Apache Commons Collections "gadget chain" enabled RCE in thousands of Java applications. Python pickle deserialization is routinely exploitable for code execution.

Security Impact

Insecure deserialization can lead to remote code execution, authentication bypass, denial of service, and privilege escalation. It is particularly dangerous because exploitation often requires no authentication.

Prevention & Mitigation

Never deserialize untrusted data. Use JSON/YAML with schema validation instead of language-native serialization. Implement deserialization type filtering (Java's ObjectInputFilter). Monitor deserialization errors.
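The type filtering and error monitoring described above, shown for Python as an added example (not code from the original page or from Precogs): it overrides `find_class`, the hook Python's pickle documentation provides for restricting globals, which plays the role ObjectInputFilter plays in Java. The allow-list contents, the `filtered_loads` helper, the `Probe` class and both sample payloads are assumptions constructed for illustration.

```python
import datetime
import io
import logging
import os
import pickle

log = logging.getLogger("deserialization")

# Assumption for this example: the only non-builtin type the app expects.
ALLOWED_GLOBALS = {("datetime", "date")}


class FilteredUnpickler(pickle.Unpickler):
    """Resolve only allow-listed globals; anything else aborts the load."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def filtered_loads(data: bytes):
    """Return (obj, None) on success or (None, reason) on rejection."""
    try:
        return FilteredUnpickler(io.BytesIO(data)).load(), None
    except pickle.UnpicklingError as exc:
        # Rejections are a detection signal, so log them instead of hiding them.
        log.warning("pickle rejected: %s", exc)
        return None, str(exc)


class Probe:
    """Constructed sample with the same __reduce__ shape as the page's
    Exploit class, but referencing a harmless callable."""

    def __reduce__(self):
        return (os.getcwd, ())


# Constructed inputs: one expected record, one carrying a callable reference.
GOOD = pickle.dumps({"user": "alice", "joined": datetime.date(2024, 1, 2)})
BAD = pickle.dumps(Probe())

if __name__ == "__main__":
    print(filtered_loads(GOOD))  # record is returned intact
    print(filtered_loads(BAD))   # rejected before the callable is resolved
```

The filter narrows what a pickle may reference; it does not replace the first rule above of not deserializing untrusted data.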

How Precogs AI Stops Insecure Deserialization

Precogs AI identifies insecure deserialization patterns in AI-generated code and detects deserialization sinks (ObjectInputStream, pickle.loads, unserialize) in compiled applications during Binary SAST analysis.

Related CWE Entries