-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P4
-
Affects Version/s: 7-pool, 8-pool, 11-pool, 17-pool
-
Component/s: core-libs
-
None
During deserialization of a serialized data stream that contains a proxy descriptor with non-public interfaces
java.io.ObjectInputStream` checks that the interfaces can be loaded from a single classloader in `ObjectInputStream.resolveProxyClass`.
If the interfaces cannot be loaded from a single classloader, an `IllegalAccessError` is thrown.
When `ObjectInputStream.readObject` encounters this case, it reflects an incompatibility
between the classloaders of the source of the serialized stream and the classloader being used for deserialization.
When a proxy object cannot be created from the interfaces, `ObjectInputStream.readObject` should catch
the `InvalidAccessError` and throw `InvalidObjectException` with the `InvalidAccessError` as the cause.
This allows the application to handle the exception consistently with other errors during deserialization.
java.io.ObjectInputStream` checks that the interfaces can be loaded from a single classloader in `ObjectInputStream.resolveProxyClass`.
If the interfaces cannot be loaded from a single classloader, an `IllegalAccessError` is thrown.
When `ObjectInputStream.readObject` encounters this case, it reflects an incompatibility
between the classloaders of the source of the serialized stream and the classloader being used for deserialization.
When a proxy object cannot be created from the interfaces, `ObjectInputStream.readObject` should catch
the `InvalidAccessError` and throw `InvalidObjectException` with the `InvalidAccessError` as the cause.
This allows the application to handle the exception consistently with other errors during deserialization.
- csr for
-
JDK-8280906 ObjectInputStream.readObject should throw InvalidClassException instead of IllegalAccessError
-
- Closed
-
