nobodyiam opened a new issue #2031: StackOverflowError when using hessian2 to serialize object with writeReplace method returning itself URL: https://github.com/apache/incubator-dubbo/issues/2031 - [x] I have searched the [issues](https://github.com/apache/incubator-dubbo/issues) of this repository and believe that this is not a duplicate. - [x] I have checked the [FAQ](https://github.com/apache/incubator-dubbo/wiki/FAQ) of this repository and believe that this is not a duplicate. ### Environment * Dubbo version: 2.5.10 * Operating System version: Mac * Java version: 1.7 ### Issue Description In java serialization, the writeReplace method allows the developer to provide a replacement object that will be serialized instead of the original one. Normally, this method would return another object. However, some classes may return itself, e.g. [JsonMappingException#Reference](https://github.com/FasterXML/jackson-databind/blob/master/src/main/java/com/fasterxml/jackson/databind/JsonMappingException.java#L173). In this case, hessian2 would enter an infinite recursion and finally get the `java.lang.StackOverflowError`. ### Step to reproduce this issue 1. Define a class with a `writeReplace` method return `this` ```java public class WriteReplaceReturningItself implements Serializable { private static final long serialVersionUID = 1L; private String name; WriteReplaceReturningItself(String name) { this.name = name; } public String getName() { return name; } /** * Some object may return itself for wrapReplace, e.g. * https://github.com/FasterXML/jackson-databind/blob/master/src/main/java/com/fasterxml/jackson/databind/JsonMappingException.java#L173 */ Object writeReplace() { //do some extra things return this; } } ``` 2. Use `Hessian2Output` to serialize it ```java ByteArrayOutputStream bout = new ByteArrayOutputStream(); Hessian2Output out = new Hessian2Output(bout); out.writeObject(data); out.flush(); ``` 3. Error occurs ``` java.lang.StackOverflowError at com.alibaba.com.caucho.hessian.io.SerializerFactory.getSerializer(SerializerFactory.java:302) at com.alibaba.com.caucho.hessian.io.Hessian2Output.writeObject(Hessian2Output.java:381) at com.alibaba.com.caucho.hessian.io.JavaSerializer.writeObject(JavaSerializer.java:226) at com.alibaba.com.caucho.hessian.io.Hessian2Output.writeObject(Hessian2Output.java:383) at com.alibaba.com.caucho.hessian.io.JavaSerializer.writeObject(JavaSerializer.java:226) ``` ### Expected Result The serialization process should complete with no exception or error. ### Actual Result ``` java.lang.StackOverflowError at com.alibaba.com.caucho.hessian.io.SerializerFactory.getSerializer(SerializerFactory.java:302) at com.alibaba.com.caucho.hessian.io.Hessian2Output.writeObject(Hessian2Output.java:381) at com.alibaba.com.caucho.hessian.io.JavaSerializer.writeObject(JavaSerializer.java:226) at com.alibaba.com.caucho.hessian.io.Hessian2Output.writeObject(Hessian2Output.java:383) at com.alibaba.com.caucho.hessian.io.JavaSerializer.writeObject(JavaSerializer.java:226) ```
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
