From 4d3aea551e3e8bb09e4acbfb9a2efd4fbc9fa781 Mon Sep 17 00:00:00 2001 From: igerasim Date: Wed, 16 Apr 2014 12:37:49 +0400 Subject: [PATCH] 8039396: NPE when writing a class descriptor object to a custom ObjectOutputStream Reviewed-by: alanb --- .../classes/java/io/ObjectOutputStream.java | 4 +- .../UnresolvableObjectStreamClass.java | 68 +++++++++++++++++++ 2 files changed, 70 insertions(+), 2 deletions(-) create mode 100644 test/java/io/Serializable/unresolvableObjectStreamClass/UnresolvableObjectStreamClass.java diff --git a/src/share/classes/java/io/ObjectOutputStream.java b/src/share/classes/java/io/ObjectOutputStream.java index 612bb4eb1..6d29e3a1f 100644 --- a/src/share/classes/java/io/ObjectOutputStream.java +++ b/src/share/classes/java/io/ObjectOutputStream.java @@ -1255,7 +1255,7 @@ public class ObjectOutputStream } bout.setBlockDataMode(true); - if (isCustomSubclass()) { + if (cl != null && isCustomSubclass()) { ReflectUtil.checkPackageAccess(cl); } annotateProxyClass(cl); @@ -1284,7 +1284,7 @@ public class ObjectOutputStream Class cl = desc.forClass(); bout.setBlockDataMode(true); - if (isCustomSubclass()) { + if (cl != null && isCustomSubclass()) { ReflectUtil.checkPackageAccess(cl); } annotateClass(cl); diff --git a/test/java/io/Serializable/unresolvableObjectStreamClass/UnresolvableObjectStreamClass.java b/test/java/io/Serializable/unresolvableObjectStreamClass/UnresolvableObjectStreamClass.java new file mode 100644 index 000000000..4010b1a76 --- /dev/null +++ b/test/java/io/Serializable/unresolvableObjectStreamClass/UnresolvableObjectStreamClass.java @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* @test + * @bug 8039396 + * @run main UnresolvableObjectStreamClass serialize + * @clean MySerializable + * @run main UnresolvableObjectStreamClass deserialize + * + * @summary NPE when writing a class descriptor object to a custom + * ObjectOutputStream + */ + +import java.io.*; + +public class UnresolvableObjectStreamClass { + public static void main(String[] args) throws Throwable { + if (args.length > 0 && args[0].equals("serialize")) { + try (FileOutputStream fos = new FileOutputStream("temp1.ser"); + ObjectOutputStream oos = new ObjectOutputStream(fos)) { + ObjectStreamClass osc = + ObjectStreamClass.lookup(MySerializable.class); + oos.writeObject(osc); + } + } else if (args.length > 0 && args[0].equals("deserialize")) { + try (FileInputStream fis = new FileInputStream("temp1.ser"); + ObjectInputStream ois = new ObjectInputStream(fis); + FileOutputStream fos = new FileOutputStream("temp2.ser"); + ObjectOutputStream oos = new ObjectOutputStream(fos) { + /*must be subclassed*/}) { + ObjectStreamClass osc = (ObjectStreamClass)ois.readObject(); + // serialize it again + try { + oos.writeObject(osc); + } catch (NullPointerException e) { + throw new RuntimeException("Failed to write" + + " unresolvable ObjectStreamClass", e); + } + } + } else { + throw new RuntimeException("The command line option must be" + + " one of: serialize or deserialize"); + } + } +} + +class MySerializable implements Serializable { +} -- GitLab