Details
-
Sub-task
-
Resolution: Delivered
-
P3
-
21
Description
`ObjectInputStream::readObject()` now throws a `StreamCorruptedException` instead of a `NegativeArraySizeException` when reading an array with a negative array size from a corrupted object input stream. Collection classes with a custom `readObject()` method which previously threw a `NegativeArraySizeException` when the number of their elements read from the deserialization stream was negative will now throw a `StreamCorruptedException` instead.
Attachments
Issue Links
- relates to
-
JDK-8306744 ObjectInputStream::readObject() should handle negative array sizes without throwing NegativeArraySizeExceptions
- Closed