RFR: 8280642: IllegalAccessError thrown by ObjectInputStream.resolveProxyClass is not handled
Roger Riggs
rriggs at openjdk.java.net
Fri Jan 28 21:08:23 UTC 2022
During deserialization of a serialized data stream that contains a proxy descriptor with non-public interfaces
`java.io.ObjectInputStream` checks that the interfaces can be loaded from a single classloader in `ObjectInputStream.resolveProxyClass`.
If the interfaces cannot be loaded from a single classloader, an `IllegalAccessError` is thrown.
When `ObjectInputStream.readObject` encounters this case, it reflects an incompatibility
between the classloaders of the source of the serialized stream and the classloader being used for deserialization.
When a proxy object cannot be created from the interfaces, `ObjectInputStream.readObject` should catch
the `InvalidAccessError` and throw `InvalidObjectException` with the `InvalidAccessError` as the cause.
This allows the application to handle the exception consistently with other errors during deserialization.
-------------
Commit messages:
- 8280642: IllegalAccessError thrown by ObjectInputStream.resolveProxyClass is not handled
Changes: https://git.openjdk.java.net/jdk/pull/7274/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=7274&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8280642
Stats: 13 lines in 2 files changed: 5 ins; 0 del; 8 mod
Patch: https://git.openjdk.java.net/jdk/pull/7274.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/7274/head:pull/7274
PR: https://git.openjdk.java.net/jdk/pull/7274
More information about the core-libs-dev
mailing list