7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException

Sebastian Sickelmann sebastian.sickelmann at gmx.de
Mon Aug 22 06:03:02 PDT 2011


while making some change for using exception-chaining on 
RuntimeException in more cases, i found that 
javax.xml.crypto.NoSuchMechnismException had a private cause field that 
isn't necessary since throwable can handle it. But just removing isn't 
that simple as Alan pointed out[1].
First of all i thought just changing the serialversionUID was the right 
solution, but Alan disagreed and i actually think that too. Unfortunatly 
Alan doen't had the time to explain it in detail, but i think that we 
must search for a solution that doen't break backward serialization 

I created a webrev for my suggested change here:

In a following post Alan writes that this should best be discussed here. 
What is the hg repository for patches in this mailinglist? I don't see 
any security-dev related repository for openjdk8 in 
http://hg.openjdk.java.net/ the patch is based on *** 
<http://hg.openjdk.java.net/jdk8/tl/jdk/>*jdk8/tl/jdk maybe i should 
rebase it onto another repository.

Another problem i have is testing. I think we should add some test for 
this. But got no real clue how to do it right. I tested it manually with 
the source here[2] and the files in here[3].

The files are created with an openjdk7 build(Unfortunatly i think with 
an quite old private build) and with an openjdk8(with my patches to 
NoSuchMechanismException). I tested it manually with my openjdk 7 and 8 
build and in both cases the serialized objects could be loaded correctly 
in all cases.

What is the best way to test this automatically. I thought about 
checking if the newly created openjdk8 serialization is binary equal to 
the jdk7 output, but it isn't because of some unavoidable changes (ex. 
jdk8 has the custom-serialization-bit)

Alan mentioned that it may be ok to embed some serialized-objects as 
byte[] in testcode.
I will try to create a jtreg for this. Hope to be back on this soon. In 
the meantime it would be great to have someone reviewed the webrev.

@core-libs-dev: I crosspost it to core-libs-dev because the thread 
started there. So the interessted parties can move over to security-dev 

-- Sebastian



[3] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/security-dev/attachments/20110822/3d971cbd/attachment.html 

More information about the security-dev mailing list