classpath-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cp-patches] New serialization fix

From: Guilhem Lavaux
Subject: [cp-patches] New serialization fix
Date: Fri, 03 Dec 2004 22:58:55 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040804 
Hi,
It appears that GNU Classpath's ObjectInputStream is not sufficiently strict. One of kaffe's regression tests fails with the native JNI code of GNU Classpath. The reason is that kaffe was implementing an internal check on the invoked constructor: it must exists and not be private. I haven't yet uploaded a mauve test for it but you can check that the JDK is doing that by trying TestSerializable2 in kaffe's repository. Here is a patch to fix it in pure java. 

2004-12-03  Guilhem Lavaux  <address@hidden>

        * java/io/ObjectInputStream.java
        (newObject): Check whether the constructor exists and is not
        private before invoking it.


Regards,

Guilhem Lavaux.

Index: java/io/ObjectInputStream.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/io/ObjectInputStream.java,v
retrieving revision 1.48
diff -u -r1.48 ObjectInputStream.java
--- java/io/ObjectInputStream.java      6 Nov 2004 14:58:49 -0000       1.48
+++ java/io/ObjectInputStream.java      3 Dec 2004 21:58:14 -0000
@@ -41,12 +41,15 @@
 import gnu.classpath.Configuration;
 import gnu.java.io.ObjectIdentityWrapper;
 
+import java.lang.reflect.Constructor;
 import java.lang.reflect.Array;
 import java.lang.reflect.Field;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.lang.reflect.Modifier;
 import java.lang.reflect.Proxy;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.Arrays;
 import java.util.Hashtable;
 import java.util.Vector;
@@ -1754,11 +1757,35 @@
   // returns a new instance of REAL_CLASS that has been constructed
   // only to the level of CONSTRUCTOR_CLASS (a super class of REAL_CLASS)
   private Object newObject (Class real_class, Class constructor_class)
-    throws ClassNotFoundException
+    throws ClassNotFoundException, IOException
   {
     try
       {
        Object obj = allocateObject (real_class);
+       final Class local_constructor_class = constructor_class;
+       Constructor void_constructor = (Constructor)
+         AccessController.doPrivileged(new PrivilegedAction()
+           {
+             public Object run()
+             {
+               try
+                 {
+                   return local_constructor_class.getDeclaredConstructor(new 
Class[0]);
+                 }
+               catch (NoSuchMethodException e)
+                 {
+                   return null;
+                 }
+             }
+            });
+
+       if (void_constructor == null)
+          throw new InvalidClassException(constructor_class.getName() + "; 
Missing no-arg constructor for class"); 
+         
+       if (Modifier.isPrivate(void_constructor.getModifiers()))
+         throw new InvalidClassException(constructor_class.getName() + 
+                                         "; IllegalAccessException");
+         
        callConstructor (constructor_class, obj);
        return obj;
       }
reply via email to
[Prev in Thread] Current Thread [Next in Thread]