Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8306461 ObjectInputStream::readObject() should handle negative array sizes without throwing NegativeArraySizeExceptions
  3. JDK-8307621

Release Note: `ObjectInputStream::readObject()` Should Handle Negative Array Sizes without Throwing `NegativeArraySizeExceptions`

    XMLWordPrintable

Details

    Description

      `ObjectInputStream::readObject()` now throws a `StreamCorruptedException` instead of a `NegativeArraySizeException` when reading an array with a negative array size from a corrupted object input stream. Collection classes with a custom `readObject()` method which previously threw a `NegativeArraySizeException` when the number of their elements read from the deserialization stream was negative will now throw a `StreamCorruptedException` instead.

      Attachments

        Issue Links

          Activity

            People

              simonis Volker Simonis
              simonis Volker Simonis
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: