RFR: JDK-8146568 NegativeArraySizeException in ArrayList.grow(int)
Martin Buchholz
martinrb at google.com
Fri Jan 22 20:02:44 UTC 2016
On Fri, Jan 22, 2016 at 10:03 AM, Stuart Marks <stuart.marks at oracle.com> wrote:
> On readObject(), ok, you went ahead and rearranged some stuff. You hit a
> couple of the issues I had spotted, namely the multiple assignment to
> elementData and the potentially confusing reuse of the name 'elementData'.
>
> The other issue was if size is less than zero. This could only occur with a
> corrupted or tampered serialized data stream. The old code would
> "successfully" deserialize a dysfunctional ArrayList instance, whereas the
> modified code will throw NegativeArraySizeException from readObject().
>
> I don't know if that was intentional, but I prefer the new behavior!
>
> Strictly speaking I think throwing InvalidObjectException would preferable,
> but if you want to push what you have, I'm ok with it.
I went "by the book" as you suggested and now throw
InvalidObjectException when size < 0.
(But I've been saying for a decade: if we're serious about
Serialization, it needs to be someone's full time job)
I'll commit tomorrow if I don't hear otherwise.
More information about the core-libs-dev
mailing list