[jira] Created: (DIRMINA-824) AbstractIoBuffer.getObject cannot handle non-serializable class

Wed, 16 Mar 2011 20:37:13 -0700 

AbstractIoBuffer.getObject cannot handle non-serializable class
---------------------------------------------------------------

                 Key: DIRMINA-824
                 URL: https://issues.apache.org/jira/browse/DIRMINA-824
             Project: MINA
          Issue Type: Bug
          Components: Core
    Affects Versions: 2.0.2
            Reporter: Rob Eden


The inner class implementation of ObjectInputStream used in 
AbstractIoBuffer.getObject(ClassLoader) contains the following (lines 1960-1964 
in revision 995776):

    case 1: // Non-primitive types
        String className = readUTF();
        Class<?> clazz = Class.forName(className, true,
            classLoader);
        return ObjectStreamClass.lookup(clazz);

Instead of ObjectStreamClass.lookup(Class), it should use 
ObjectStreamClass.lookupAny(Class), which would allow non-serializable classes 
to be handled.

The following unit test illustrates the problem:

    public class MINABufferSerializationTest extends TestCase {
        public void testGetObject() throws Exception {
            IoBuffer buffer = IoBuffer.allocate( 8 * 1024 );
            buffer.putObject( System.class );
            buffer.flip();

            Object obj = buffer.getObject();
            assertEquals( System.class, obj );
        }
    }

When run, the following NPE is generated in the getObject:

java.lang.NullPointerException
        at java.io.ObjectStreamClass.initNonProxy(ObjectStreamClass.java:534)
        at 
java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1582)
        at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1495)
        at java.io.ObjectInputStream.readClass(ObjectInputStream.java:1461)
        at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1311)
        at java.io.ObjectInputStream.readObject(ObjectInputStream.java:350)
        at 
org.apache.mina.core.buffer.AbstractIoBuffer.getObject(AbstractIoBuffer.java:1990)
        at 
org.apache.mina.core.buffer.AbstractIoBuffer.getObject(AbstractIoBuffer.java:1927)
        at 
com.starlight.intrepid.MINABufferSerializationTest.testGetObject(MINABufferSerializationTest.java:14)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at 
com.intellij.junit3.JUnit3IdeaTestRunner.doRun(JUnit3IdeaTestRunner.java:109)
        at 
com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:65)

The happens because the current ObjectStreamClass.lookup(Class) call returns 
null since the System class is not serializable.

This is a blocking issue for my application as non-serializable class 
descriptors (Class objects) are often serialized.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to