Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8280642

ObjectInputStream.readObject should throw InvalidClassException instead of IllegalAccessError

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: P4 P4
    • 19
    • 7-pool, 8-pool, 11-pool, 17-pool
    • core-libs
    • None

      During deserialization of a serialized data stream that contains a proxy descriptor with non-public interfaces
      java.io.ObjectInputStream` checks that the interfaces can be loaded from a single classloader in `ObjectInputStream.resolveProxyClass`.
      If the interfaces cannot be loaded from a single classloader, an `IllegalAccessError` is thrown.
      When `ObjectInputStream.readObject` encounters this case, it reflects an incompatibility
      between the classloaders of the source of the serialized stream and the classloader being used for deserialization.
      When a proxy object cannot be created from the interfaces, `ObjectInputStream.readObject` should catch
      the `InvalidAccessError` and throw `InvalidObjectException` with the `InvalidAccessError` as the cause.
      This allows the application to handle the exception consistently with other errors during deserialization.

            rriggs Roger Riggs
            rriggs Roger Riggs
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: