On Wed, 1 May 2024 18:43:21 GMT, Roger Riggs <rri...@openjdk.org> wrote:
> The issue reported a ClassCastException "cannot assign instance of > java.util.CollSer to field of type java.util.Map" > while deserializing an object referring to an immutable Map that contained a > reference to a class that was not available. > Immutable Collections such as Map utilize a serialization proxy in their > serialized form. > During deserialization the serialization proxy (a private implementation > class) was attempted to be set in a field resulting in the > ClassCastException. The ClassCastException and bug hid the ClassCastException > that should have been thrown. > > When reading record fields or fields of a class, the results of > deserialization of individual fields are recorded as dependencies of the > object being constructed. > The apparent bug is that the summary of those dependencies is not checked > between reading the fields and invoking the constructor to create the record > or assigning the fields to an object being constructed. This pull request has now been integrated. Changeset: 8291c94b Author: Roger Riggs <rri...@openjdk.org> URL: https://git.openjdk.org/jdk/commit/8291c94bcdbb01beddc94f290f2749841404cc0c Stats: 199 lines in 2 files changed: 195 ins; 0 del; 4 mod 8331224: ClassCastException in ObjectInputStream hides ClassNotFoundException Reviewed-by: smarks ------------- PR: https://git.openjdk.org/jdk/pull/19043
