On Fri, 28 Jan 2022 21:02:23 GMT, Roger Riggs <[email protected]> wrote:
> During deserialization of a serialized data stream that contains a proxy
> descriptor with non-public interfaces
> `java.io.ObjectInputStream` checks that the interfaces can be loaded from a
> single classloader in `ObjectInputStream.resolveProxyClass`.
> If the interfaces cannot be loaded from a single classloader, an
> `IllegalAccessError` is thrown.
> When `ObjectInputStream.readObject` encounters this case, it reflects an
> incompatibility
> between the classloaders of the source of the serialized stream and the
> classloader being used for deserialization.
> When a proxy object cannot be created from the interfaces,
> `ObjectInputStream.readObject` should catch
> the `InvalidAccessError` and throw `InvalidObjectException` with the
> `InvalidAccessError` as the cause.
> This allows the application to handle the exception consistently with other
> errors during deserialization.
Looks good.
In the CSR, I see some `InvalidAccessError` which should be
`IllegalAccessError`.
src/java.base/share/classes/java/io/ObjectInputStream.java line 1999:
> 1997: resolveEx = ex;
> 1998: } catch (IllegalAccessError err) {
> 1999: IOException ice = new
> InvalidObjectException(err.getMessage());
Would the variable be `ioe`?
-------------
Marked as reviewed by naoto (Reviewer).
PR: https://git.openjdk.java.net/jdk/pull/7274
