RFR: 8273660: De-Serialization Stack is suppressing ClassNotFoundException [v2]
Roger Riggs
rriggs at openjdk.java.net
Fri Oct 29 16:29:13 UTC 2021
On Fri, 29 Oct 2021 16:14:57 GMT, Michael McMahon <michaelm at openjdk.org> wrote:
> How likely is it that existing code is using ObjectInputStream::getFields and is already handling class not found by checking for null return from the returned GetField?
Very unlikely, a field value may be null for because it really is null or it is a field for which there is no value in the stream (supporting evolution). Class not found is supposed to show up as an exception.
-------------
PR: https://git.openjdk.java.net/jdk/pull/6053
More information about the core-libs-dev
mailing list