Loading...

XML

Word

Printable

Type: Sub-task
Resolution: Delivered
Priority: P3
Fix Version/s: 21
Affects Version/s: 21
Component/s: core-libs
Labels:
- RN-Change
- release-note

Subcomponent:
java.io:serialization

`ObjectInputStream::readObject()` now throws a `StreamCorruptedException` instead of a `NegativeArraySizeException` when reading an array with a negative array size from a corrupted object input stream. Collection classes with a custom `readObject()` method which previously threw a `NegativeArraySizeException` when the number of their elements read from the deserialization stream was negative will now throw a `StreamCorruptedException` instead.

relates to

JDK-8306744 ObjectInputStream::readObject() should handle negative array sizes without throwing NegativeArraySizeExceptions

Closed

Assignee:: Volker Simonis

Reporter:: Volker Simonis

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2023-05-08 05:49

Updated:: 2023-07-28 10:37

Resolved:: 2023-06-15 03:04

Details

Description

Attachments

Issue Links

Activity

People

Dates