Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4950874

Deserialization of multiple Calendar objects fails under applet security manager

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: P3 P3
    • None
    • 1.4.1, 1.4.2
    • core-libs



      Name: jl125535 Date: 11/07/2003


      FULL PRODUCT VERSION :
      java version "1.4.2"
      Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2-b28)
      Java HotSpot(TM) Client VM (build 1.4.2-b28, mixed mode)

      java version "1.4.2_02"
      Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_02-b03)
      Java HotSpot(TM) Client VM (build 1.4.2_02-b03, mixed mode)

      FULL OS VERSION :
      Linux xxx 2.4.20 #2 SMP Fri Sep 26 16:02:02 EEST 2003 i686 unknown
      Microsoft Windows 2000 [Version 5.00.2195]
      Microsoft Windows XP [Version 5.1.2600]

      A DESCRIPTION OF THE PROBLEM :
      If the serialization stream contains more than one java.util.Calendar object, deserializing it under applet security manager throws a StreamCorruptedException. If it contains only one Calendar object it deserializes fine. The test case demonstrates the problem with two Calendar objects in an array. However, the same problem occurs also when the two objects are written separately (two writeObject calls) to the same ObjectOutputStream or when the Calendar objects are reachable from an ordinary (not an array) object that is written to the stream. This problem only occurs under the applet security manager, so normally one sees it only in the appletviewer and the Java Plug-in.

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      Run the given test case.

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      Test case should not throw an exception.
      ACTUAL -
      The test case throws a StreamCorruptedException when it tries to deserialize the Calendar object array.


      ERROR MESSAGES/STACK TRACES THAT OCCUR :
      Exception in thread "main" java.io.StreamCorruptedException
              at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1301)
              at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1603)
              at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1271)
              at java.io.ObjectInputStream.readObject(ObjectInputStream.java:324)
              at Bug.main(Bug.java:11)

      REPRODUCIBILITY :
      This bug can be reproduced always.

      ---------- BEGIN SOURCE ----------
      import java.io.*;
      public class Bug {
          public static void main(String args[]) throws Exception {
              System.setSecurityManager(new sun.applet.AppletSecurity());
              Object[] o = new Object[] {
                  java.util.Calendar.getInstance(),
                  java.util.Calendar.getInstance()
              };
              ByteArrayOutputStream baos = new ByteArrayOutputStream();
              new ObjectOutputStream(baos).writeObject(o);
              new ObjectInputStream(new ByteArrayInputStream(
                  baos.toByteArray())).readObject();
          }
      }

      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      When you need to serialize time information, use some other representation for time than a Calendar.
      (Incident Review ID: 217666)
      ======================================================================

            okutsu Masayoshi Okutsu
            jleesunw Jon Lee (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: