(commons-lang) branch master updated: LANG-1722: Rethrow NegativeArraySizeException as SerializationException in SerilizationUtils.deserialize(InputStream) (#1141)

[ggregory]

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-lang.git


The following commit(s) were added to refs/heads/master by this push:
     new c3f5f3204 LANG-1722: Rethrow NegativeArraySizeException as 
SerializationException in SerilizationUtils.deserialize(InputStream) (#1141)
c3f5f3204 is described below

commit c3f5f3204bcc8d62a56ff214e904876b7e7a206f
Author: Arthur Chan <arthur.c...@adalogics.com>
AuthorDate: Thu Dec 7 13:44:58 2023 +0000

    LANG-1722: Rethrow NegativeArraySizeException as SerializationException in 
SerilizationUtils.deserialize(InputStream) (#1141)
    
    * LANG-1722: Catch NegativeArraySizeException
    
    Signed-off-by: Arthur Chan <arthur.c...@adalogics.com>
    
    * Fix unit test formatting
    
    Signed-off-by: Arthur Chan <arthur.c...@adalogics.com>
    
    ---------
    
    Signed-off-by: Arthur Chan <arthur.c...@adalogics.com>
---
 src/main/java/org/apache/commons/lang3/SerializationUtils.java   | 2 +-
 .../java/org/apache/commons/lang3/SerializationUtilsTest.java    | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/main/java/org/apache/commons/lang3/SerializationUtils.java 
b/src/main/java/org/apache/commons/lang3/SerializationUtils.java
index b608b7dca..7ab6a1124 100644
--- a/src/main/java/org/apache/commons/lang3/SerializationUtils.java
+++ b/src/main/java/org/apache/commons/lang3/SerializationUtils.java
@@ -207,7 +207,7 @@ public class SerializationUtils {
             @SuppressWarnings("unchecked")
             final T obj = (T) in.readObject();
             return obj;
-        } catch (final ClassNotFoundException | IOException ex) {
+        } catch (final ClassNotFoundException | IOException | 
NegativeArraySizeException ex) {
             throw new SerializationException(ex);
         }
     }
diff --git a/src/test/java/org/apache/commons/lang3/SerializationUtilsTest.java 
b/src/test/java/org/apache/commons/lang3/SerializationUtilsTest.java
index 9e3ed25de..9c9efaad0 100644
--- a/src/test/java/org/apache/commons/lang3/SerializationUtilsTest.java
+++ b/src/test/java/org/apache/commons/lang3/SerializationUtilsTest.java
@@ -360,4 +360,13 @@ public class SerializationUtilsTest extends 
AbstractLangTest {
         assertThrows(SerializationException.class, () -> 
SerializationUtils.serialize(iMap, streamTest));
     }
 
+    @Test
+    public void testNegativeByteArray() throws IOException {
+        final byte[] byteArray = {
+            (byte) -84, (byte) -19, (byte) 0, (byte) 5, (byte) 125, (byte) 
-19, (byte) 0,
+            (byte) 5, (byte) 115, (byte) 114, (byte) -1, (byte) 97, (byte) 
122, (byte) -48, (byte) -65
+        };
+
+        assertThrows(SerializationException.class, () -> 
SerializationUtils.deserialize(new ByteArrayInputStream(byteArray)));
+    }
 }