diff --git a/src/share/classes/java/time/Duration.java b/src/share/classes/java/time/Duration.java index 2e6eb53028db7000d453bd807ee296c62ff97b79..4a5220000f693e8219380af737feee4c85d2df1f 100644 --- a/src/share/classes/java/time/Duration.java +++ b/src/share/classes/java/time/Duration.java @@ -74,7 +74,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; -import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.math.BigDecimal; import java.math.BigInteger; @@ -1325,10 +1325,10 @@ public final class Duration /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/Instant.java b/src/share/classes/java/time/Instant.java index 6d69a777855c82b96e2e99fafc8a89fc290b658d..d91e1c865686f4a7941cb4c5bfa2f7a68fe41465 100644 --- a/src/share/classes/java/time/Instant.java +++ b/src/share/classes/java/time/Instant.java @@ -76,6 +76,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.format.DateTimeFormatter; import java.time.format.DateTimeParseException; @@ -1346,10 +1347,10 @@ public final class Instant /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/LocalDate.java b/src/share/classes/java/time/LocalDate.java index 2266e3bd4d4312f223389a65c10fa5efea385e13..c8ee89c87c50c0559403f7d09bad8cff0773a447 100644 --- a/src/share/classes/java/time/LocalDate.java +++ b/src/share/classes/java/time/LocalDate.java @@ -78,6 +78,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.ChronoLocalDate; import java.time.chrono.Era; @@ -2051,10 +2052,10 @@ public final class LocalDate /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/LocalDateTime.java b/src/share/classes/java/time/LocalDateTime.java index 041a5524dc5aab915a55415b51f3af81a17356c1..f9975d82329236d22d17bc4d19944d1c6e4fe57b 100644 --- a/src/share/classes/java/time/LocalDateTime.java +++ b/src/share/classes/java/time/LocalDateTime.java @@ -76,6 +76,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.ChronoLocalDateTime; import java.time.format.DateTimeFormatter; @@ -1984,10 +1985,10 @@ public final class LocalDateTime /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/LocalTime.java b/src/share/classes/java/time/LocalTime.java index 11bb8a4246c4947cd5cb7a9862cdc6320e4152e9..08a06317413926d258808b269e845801655ed053 100644 --- a/src/share/classes/java/time/LocalTime.java +++ b/src/share/classes/java/time/LocalTime.java @@ -74,6 +74,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.format.DateTimeFormatter; import java.time.format.DateTimeParseException; @@ -1636,10 +1637,10 @@ public final class LocalTime /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/MonthDay.java b/src/share/classes/java/time/MonthDay.java index dccc49ac36d4bd693339e37f8cae80e62d225a3c..2339cad53974dd6ec3a9166f4f58fb412a47e67a 100644 --- a/src/share/classes/java/time/MonthDay.java +++ b/src/share/classes/java/time/MonthDay.java @@ -68,6 +68,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.Chronology; import java.time.chrono.IsoChronology; @@ -769,10 +770,10 @@ public final class MonthDay /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/OffsetDateTime.java b/src/share/classes/java/time/OffsetDateTime.java index 5560b30131cef3f91c60333aa7d84164da4cd57a..caecddca0f4ac619fc20ed4dd5d70e871c4bbca9 100644 --- a/src/share/classes/java/time/OffsetDateTime.java +++ b/src/share/classes/java/time/OffsetDateTime.java @@ -72,6 +72,7 @@ import java.io.IOException; import java.io.ObjectInput; import java.io.ObjectOutput; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.IsoChronology; import java.time.format.DateTimeFormatter; @@ -1923,10 +1924,10 @@ public final class OffsetDateTime /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/OffsetTime.java b/src/share/classes/java/time/OffsetTime.java index a8f5218df8743384e45b1626d48fad037925c3e9..466cf5ae6393912a09c655e212dce22efb495a92 100644 --- a/src/share/classes/java/time/OffsetTime.java +++ b/src/share/classes/java/time/OffsetTime.java @@ -73,6 +73,7 @@ import java.io.IOException; import java.io.ObjectInput; import java.io.ObjectOutput; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.format.DateTimeFormatter; import java.time.format.DateTimeParseException; @@ -1394,10 +1395,10 @@ public final class OffsetTime /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/Period.java b/src/share/classes/java/time/Period.java index c4e92472472fa3bdcba4b1462887e8c7470717ce..ff6db0885f07cad531db18efbec53634d9ba9852 100644 --- a/src/share/classes/java/time/Period.java +++ b/src/share/classes/java/time/Period.java @@ -69,6 +69,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.ChronoLocalDate; import java.time.chrono.ChronoPeriod; @@ -1056,10 +1057,10 @@ public final class Period /** * Defend against malicious streams. - * @return never + * * @throws java.io.InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/Year.java b/src/share/classes/java/time/Year.java index b082c45fb69ddb29950694e8d2471ffd8344f60b..cc68951351b19bfdec8fb31eba20f337e52b4574 100644 --- a/src/share/classes/java/time/Year.java +++ b/src/share/classes/java/time/Year.java @@ -74,6 +74,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.Chronology; import java.time.chrono.IsoChronology; @@ -1102,10 +1103,10 @@ public final class Year /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/YearMonth.java b/src/share/classes/java/time/YearMonth.java index ce5ed823b4e461e6c82acff06b9fd3e61b6b3bbe..e5f42100ac0756faf65995d721f95ad84e479525 100644 --- a/src/share/classes/java/time/YearMonth.java +++ b/src/share/classes/java/time/YearMonth.java @@ -77,6 +77,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.Chronology; import java.time.chrono.IsoChronology; @@ -1228,10 +1229,10 @@ public final class YearMonth /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/ZoneId.java b/src/share/classes/java/time/ZoneId.java index 689e8361e11e17db5da5d2f5cc4e740b3aa148c2..9b8ebc7267ac2725805cfb305d65b4ac5c6d8c43 100644 --- a/src/share/classes/java/time/ZoneId.java +++ b/src/share/classes/java/time/ZoneId.java @@ -64,6 +64,7 @@ package java.time; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.format.DateTimeFormatterBuilder; import java.time.format.TextStyle; @@ -622,10 +623,10 @@ public abstract class ZoneId implements Serializable { //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/ZoneOffset.java b/src/share/classes/java/time/ZoneOffset.java index bcd0a01f2983dd55a529e06f1df29504c8991e06..efbdec9a934bd31baaf6d31b7a354905c8fc618a 100644 --- a/src/share/classes/java/time/ZoneOffset.java +++ b/src/share/classes/java/time/ZoneOffset.java @@ -70,6 +70,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.temporal.ChronoField; import java.time.temporal.Temporal; @@ -767,10 +768,10 @@ public final class ZoneOffset /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/ZoneRegion.java b/src/share/classes/java/time/ZoneRegion.java index 31669d79c0323ceade6335a84ec681ab22361dbf..5349b305ac79f34b2b446b2a053c7fd21e3a96a2 100644 --- a/src/share/classes/java/time/ZoneRegion.java +++ b/src/share/classes/java/time/ZoneRegion.java @@ -60,7 +60,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; -import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.zone.ZoneRules; import java.time.zone.ZoneRulesException; @@ -195,10 +195,10 @@ final class ZoneRegion extends ZoneId implements Serializable { /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/ZonedDateTime.java b/src/share/classes/java/time/ZonedDateTime.java index 229000998f786009e45eeef54299ef25c2928297..b1342be5e475454eecf92faa6e2cb93981e29aea 100644 --- a/src/share/classes/java/time/ZonedDateTime.java +++ b/src/share/classes/java/time/ZonedDateTime.java @@ -67,9 +67,9 @@ import static java.time.temporal.ChronoField.OFFSET_SECONDS; import java.io.DataOutput; import java.io.IOException; -import java.io.InvalidObjectException; import java.io.ObjectInput; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.ChronoZonedDateTime; import java.time.format.DateTimeFormatter; @@ -2224,10 +2224,10 @@ public final class ZonedDateTime /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/chrono/AbstractChronology.java b/src/share/classes/java/time/chrono/AbstractChronology.java index e91c596f56c10967225bb7917751d79273f682dd..8b3559135a5e2a34c1782cd4c06c0a4ab80601f0 100644 --- a/src/share/classes/java/time/chrono/AbstractChronology.java +++ b/src/share/classes/java/time/chrono/AbstractChronology.java @@ -83,6 +83,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.ObjectStreamException; import java.io.Serializable; import java.time.DateTimeException; @@ -764,10 +765,10 @@ public abstract class AbstractChronology implements Chronology { /** * Defend against malicious streams. - * @return never + * * @throws java.io.InvalidObjectException always */ - private Object readResolve() throws ObjectStreamException { + private void readObject(ObjectInputStream s) throws ObjectStreamException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/chrono/ChronoLocalDateTimeImpl.java b/src/share/classes/java/time/chrono/ChronoLocalDateTimeImpl.java index e33e82ebab2dbcc4b61d387f9f2b5b3a30bc9a48..21a8548115e7715ea982ca6fdbf70a9118b6e005 100644 --- a/src/share/classes/java/time/chrono/ChronoLocalDateTimeImpl.java +++ b/src/share/classes/java/time/chrono/ChronoLocalDateTimeImpl.java @@ -66,8 +66,8 @@ import static java.time.temporal.ChronoField.EPOCH_DAY; import java.io.IOException; import java.io.InvalidObjectException; import java.io.ObjectInput; +import java.io.ObjectInputStream; import java.io.ObjectOutput; -import java.io.ObjectStreamException; import java.io.Serializable; import java.time.LocalTime; import java.time.ZoneId; @@ -415,10 +415,10 @@ final class ChronoLocalDateTimeImpl /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/chrono/ChronoPeriodImpl.java b/src/share/classes/java/time/chrono/ChronoPeriodImpl.java index 28cf0b47d77a6635aa696546ce47bf8f6ded22a7..e0ee43400edda40232a17ae73ebdccc9f2b6c766 100644 --- a/src/share/classes/java/time/chrono/ChronoPeriodImpl.java +++ b/src/share/classes/java/time/chrono/ChronoPeriodImpl.java @@ -65,6 +65,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.ObjectStreamException; import java.io.Serializable; import java.time.DateTimeException; @@ -374,10 +375,10 @@ final class ChronoPeriodImpl /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws ObjectStreamException { + private void readObject(ObjectInputStream s) throws ObjectStreamException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/chrono/ChronoZonedDateTimeImpl.java b/src/share/classes/java/time/chrono/ChronoZonedDateTimeImpl.java index 5222db367f2220a0904cb01d2311b823785f14fa..79f3423c5b2bae381ad734a3cfa39af9fc95256f 100644 --- a/src/share/classes/java/time/chrono/ChronoZonedDateTimeImpl.java +++ b/src/share/classes/java/time/chrono/ChronoZonedDateTimeImpl.java @@ -66,8 +66,8 @@ import static java.time.temporal.ChronoUnit.SECONDS; import java.io.IOException; import java.io.InvalidObjectException; import java.io.ObjectInput; +import java.io.ObjectInputStream; import java.io.ObjectOutput; -import java.io.ObjectStreamException; import java.io.Serializable; import java.time.Instant; import java.time.LocalDateTime; @@ -339,10 +339,10 @@ final class ChronoZonedDateTimeImpl /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/chrono/HijrahChronology.java b/src/share/classes/java/time/chrono/HijrahChronology.java index 277b1010fe4e85a28c730d5ac76e8c9d90f5ad42..821ff9f5012f72926fba982786184908e8a10652 100644 --- a/src/share/classes/java/time/chrono/HijrahChronology.java +++ b/src/share/classes/java/time/chrono/HijrahChronology.java @@ -64,7 +64,7 @@ import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.io.InvalidObjectException; -import java.io.ObjectStreamException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.security.AccessController; import java.security.PrivilegedActionException; @@ -1095,10 +1095,10 @@ public final class HijrahChronology extends AbstractChronology implements Serial /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } } diff --git a/src/share/classes/java/time/chrono/HijrahDate.java b/src/share/classes/java/time/chrono/HijrahDate.java index e2eadccad93fbf79ff2714495b191a1d7ed69a0c..3a06bf9669fee93467f8ce79d0c3f41b0b0ea87a 100644 --- a/src/share/classes/java/time/chrono/HijrahDate.java +++ b/src/share/classes/java/time/chrono/HijrahDate.java @@ -67,6 +67,7 @@ import static java.time.temporal.ChronoField.YEAR; import java.io.IOException; import java.io.InvalidObjectException; import java.io.ObjectInput; +import java.io.ObjectInputStream; import java.io.ObjectOutput; import java.io.Serializable; import java.time.Clock; @@ -610,10 +611,10 @@ public final class HijrahDate //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/chrono/IsoChronology.java b/src/share/classes/java/time/chrono/IsoChronology.java index d45b042b9fa721b7485a533b360b8ff6a2e4c701..c0936b0f292a0b9a97ab27b79e570b1d663a9b24 100644 --- a/src/share/classes/java/time/chrono/IsoChronology.java +++ b/src/share/classes/java/time/chrono/IsoChronology.java @@ -62,7 +62,6 @@ package java.time.chrono; import java.io.InvalidObjectException; -import java.io.ObjectStreamException; import static java.time.temporal.ChronoField.DAY_OF_MONTH; import static java.time.temporal.ChronoField.ERA; import static java.time.temporal.ChronoField.MONTH_OF_YEAR; @@ -70,6 +69,7 @@ import static java.time.temporal.ChronoField.PROLEPTIC_MONTH; import static java.time.temporal.ChronoField.YEAR; import static java.time.temporal.ChronoField.YEAR_OF_ERA; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -603,10 +603,10 @@ public final class IsoChronology extends AbstractChronology implements Serializa /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } } diff --git a/src/share/classes/java/time/chrono/JapaneseChronology.java b/src/share/classes/java/time/chrono/JapaneseChronology.java index 41aa39a93929d744a99bc1a4e352ce85075de04f..b1dbf53de821ec37ffcc7c62afab47cb5ed291cd 100644 --- a/src/share/classes/java/time/chrono/JapaneseChronology.java +++ b/src/share/classes/java/time/chrono/JapaneseChronology.java @@ -66,6 +66,7 @@ import static java.time.temporal.ChronoUnit.DAYS; import static java.time.temporal.ChronoUnit.MONTHS; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -523,10 +524,10 @@ public final class JapaneseChronology extends AbstractChronology implements Seri /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } } diff --git a/src/share/classes/java/time/chrono/JapaneseDate.java b/src/share/classes/java/time/chrono/JapaneseDate.java index 4fcae6e74276d65acc53d2630199392b932991b0..704680fdf5080ec3b791d112a033607d3be3ce33 100644 --- a/src/share/classes/java/time/chrono/JapaneseDate.java +++ b/src/share/classes/java/time/chrono/JapaneseDate.java @@ -68,6 +68,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -697,10 +698,10 @@ public final class JapaneseDate //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/chrono/JapaneseEra.java b/src/share/classes/java/time/chrono/JapaneseEra.java index 2dbbde3aac22e5f24fc5534e8b44ec1567cac61e..f31597e02f9f36a51ccd428b3b299458d016cd29 100644 --- a/src/share/classes/java/time/chrono/JapaneseEra.java +++ b/src/share/classes/java/time/chrono/JapaneseEra.java @@ -68,6 +68,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.ObjectStreamException; import java.io.Serializable; import java.time.DateTimeException; @@ -171,24 +172,6 @@ public final class JapaneseEra this.since = since; } - /** - * Returns the singleton {@code JapaneseEra} corresponding to this object. - * It's possible that this version of {@code JapaneseEra} doesn't support the latest era value. - * In that case, this method throws an {@code ObjectStreamException}. - * - * @return the singleton {@code JapaneseEra} for this object - * @throws ObjectStreamException if the deserialized object has any unknown numeric era value. - */ - private Object readResolve() throws ObjectStreamException { - try { - return of(eraValue); - } catch (DateTimeException e) { - InvalidObjectException ex = new InvalidObjectException("Invalid era"); - ex.initCause(e); - throw ex; - } - } - //----------------------------------------------------------------------- /** * Returns the Sun private Era instance corresponding to this {@code JapaneseEra}. @@ -212,7 +195,7 @@ public final class JapaneseEra * @throws DateTimeException if the value is invalid */ public static JapaneseEra of(int japaneseEra) { - if (japaneseEra < MEIJI.eraValue || japaneseEra > HEISEI.eraValue) { + if (japaneseEra < MEIJI.eraValue || japaneseEra + ERA_OFFSET - 1 >= KNOWN_ERAS.length) { throw new DateTimeException("Invalid era: " + japaneseEra); } return KNOWN_ERAS[ordinal(japaneseEra)]; @@ -370,6 +353,16 @@ public final class JapaneseEra return getName(); } + //----------------------------------------------------------------------- + /** + * Defend against malicious streams. + * + * @throws InvalidObjectException always + */ + private void readObject(ObjectInputStream s) throws InvalidObjectException { + throw new InvalidObjectException("Deserialization via serialization delegate"); + } + //----------------------------------------------------------------------- /** * Writes the object using a diff --git a/src/share/classes/java/time/chrono/MinguoChronology.java b/src/share/classes/java/time/chrono/MinguoChronology.java index 8e26f7d43c0481b0a2455af34727ff47432c70b0..f7ee55789fd23c293ccd8f1ab68cd1f8dbc5c2d0 100644 --- a/src/share/classes/java/time/chrono/MinguoChronology.java +++ b/src/share/classes/java/time/chrono/MinguoChronology.java @@ -57,10 +57,10 @@ package java.time.chrono; import java.io.InvalidObjectException; -import java.io.ObjectStreamException; import static java.time.temporal.ChronoField.PROLEPTIC_MONTH; import static java.time.temporal.ChronoField.YEAR; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -354,10 +354,10 @@ public final class MinguoChronology extends AbstractChronology implements Serial /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } } diff --git a/src/share/classes/java/time/chrono/MinguoDate.java b/src/share/classes/java/time/chrono/MinguoDate.java index 5e0de79ae9e96957c22af9c0ea04889b4f264e94..452ad2f4a63da31397eeb6e5a89d2af13557b0d2 100644 --- a/src/share/classes/java/time/chrono/MinguoDate.java +++ b/src/share/classes/java/time/chrono/MinguoDate.java @@ -65,6 +65,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -459,10 +460,10 @@ public final class MinguoDate //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/chrono/ThaiBuddhistChronology.java b/src/share/classes/java/time/chrono/ThaiBuddhistChronology.java index 2ef5793586f5197e0c2409705c5dbad256549351..057c3baaefb68d06101b80708015c3d2e19e6afd 100644 --- a/src/share/classes/java/time/chrono/ThaiBuddhistChronology.java +++ b/src/share/classes/java/time/chrono/ThaiBuddhistChronology.java @@ -57,10 +57,10 @@ package java.time.chrono; import java.io.InvalidObjectException; -import java.io.ObjectStreamException; import static java.time.temporal.ChronoField.PROLEPTIC_MONTH; import static java.time.temporal.ChronoField.YEAR; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -390,10 +390,10 @@ public final class ThaiBuddhistChronology extends AbstractChronology implements /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } } diff --git a/src/share/classes/java/time/chrono/ThaiBuddhistDate.java b/src/share/classes/java/time/chrono/ThaiBuddhistDate.java index 350b7855c5f0e5740c29400f39645097679a19e6..71914eac060d0bf4c33fa2f113ad4f74c7400484 100644 --- a/src/share/classes/java/time/chrono/ThaiBuddhistDate.java +++ b/src/share/classes/java/time/chrono/ThaiBuddhistDate.java @@ -65,6 +65,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -459,10 +460,10 @@ public final class ThaiBuddhistDate //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/temporal/ValueRange.java b/src/share/classes/java/time/temporal/ValueRange.java index a48abafbf104a4d134777f571c59213a5e290300..980203c6d1d580dac565b923dcd69e420afdceb9 100644 --- a/src/share/classes/java/time/temporal/ValueRange.java +++ b/src/share/classes/java/time/temporal/ValueRange.java @@ -61,7 +61,9 @@ */ package java.time.temporal; +import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.DateTimeException; @@ -338,18 +340,27 @@ public final class ValueRange implements Serializable { } } + //----------------------------------------------------------------------- /** - * Return the ValueRange for the serialized values. - * The values are validated according to the constraints of the {@link #of} - * factory method. - * @return the ValueRange for the serialized fields - * @throws InvalidObjectException if the serialized object has invalid values + * Restore the state of an ValueRange from the stream. + * Check that the values are valid. + * @throws InvalidObjectException if + * the smallest minimum is greater than the smallest maximum, + * or the smallest maximum is greater than the largest maximum + * or the largest minimum is greater than the largest maximum */ - private Object readResolve() throws InvalidObjectException { - try { - return of(minSmallest, minLargest, maxSmallest, maxLargest); - } catch (IllegalArgumentException iae) { - throw new InvalidObjectException("Invalid serialized ValueRange: " + iae.getMessage()); + private void readObject(ObjectInputStream s) + throws IOException, ClassNotFoundException, InvalidObjectException + { + s.defaultReadObject(); + if (minSmallest > minLargest) { + throw new InvalidObjectException("Smallest minimum value must be less than largest minimum value"); + } + if (maxSmallest > maxLargest) { + throw new InvalidObjectException("Smallest maximum value must be less than largest maximum value"); + } + if (minLargest > maxLargest) { + throw new InvalidObjectException("Minimum value must be less than maximum value"); } } diff --git a/src/share/classes/java/time/temporal/WeekFields.java b/src/share/classes/java/time/temporal/WeekFields.java index 29dde9cf2f8a298a49e01703e24c54e25bec8894..7cf985e1a51eb02e8b2c197cb9b720c97ccb1b05 100644 --- a/src/share/classes/java/time/temporal/WeekFields.java +++ b/src/share/classes/java/time/temporal/WeekFields.java @@ -72,7 +72,9 @@ import static java.time.temporal.ChronoUnit.MONTHS; import static java.time.temporal.ChronoUnit.WEEKS; import static java.time.temporal.ChronoUnit.YEARS; +import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.DateTimeException; import java.time.DayOfWeek; @@ -339,6 +341,25 @@ public final class WeekFields implements Serializable { } //----------------------------------------------------------------------- + /** + * Restore the state of a WeekFields from the stream. + * Check that the values are valid. + * @throws InvalidObjectException if the serialized object has an invalid + * value for firstDayOfWeek or minimalDays. + */ + private void readObject(ObjectInputStream s) + throws IOException, ClassNotFoundException, InvalidObjectException + { + s.defaultReadObject(); + if (firstDayOfWeek == null) { + throw new InvalidObjectException("firstDayOfWeek is null"); + } + + if (minimalDays < 1 || minimalDays > 7) { + throw new InvalidObjectException("Minimal number of days is invalid"); + } + } + /** * Return the singleton WeekFields associated with the * {@code firstDayOfWeek} and {@code minimalDays}. diff --git a/src/share/classes/java/time/zone/ZoneOffsetTransition.java b/src/share/classes/java/time/zone/ZoneOffsetTransition.java index 79cb5c8d594ad262cafa0a2671bb19a199e894b1..263f40155cf1efed7f17b4383a26fcb62145f593 100644 --- a/src/share/classes/java/time/zone/ZoneOffsetTransition.java +++ b/src/share/classes/java/time/zone/ZoneOffsetTransition.java @@ -65,6 +65,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Duration; import java.time.Instant; @@ -172,10 +173,9 @@ public final class ZoneOffsetTransition //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/zone/ZoneOffsetTransitionRule.java b/src/share/classes/java/time/zone/ZoneOffsetTransitionRule.java index d0b182b2628c29969d4c041fd601fb164c4e7a09..f52953ca4c12e9dbaa4e9751cb65ba3fd932b215 100644 --- a/src/share/classes/java/time/zone/ZoneOffsetTransitionRule.java +++ b/src/share/classes/java/time/zone/ZoneOffsetTransitionRule.java @@ -68,6 +68,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.DayOfWeek; import java.time.LocalDate; @@ -233,10 +234,10 @@ public final class ZoneOffsetTransitionRule implements Serializable { //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/src/share/classes/java/time/zone/ZoneRules.java b/src/share/classes/java/time/zone/ZoneRules.java index 6d7c07bfb0e98bbd6b616d1a9c5e1cb307131505..179c006fe304f3b94524772aebaafc16962fd3c2 100644 --- a/src/share/classes/java/time/zone/ZoneRules.java +++ b/src/share/classes/java/time/zone/ZoneRules.java @@ -65,6 +65,7 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Duration; import java.time.Instant; @@ -317,10 +318,10 @@ public final class ZoneRules implements Serializable { /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } diff --git a/test/java/time/tck/java/time/AbstractTCKTest.java b/test/java/time/tck/java/time/AbstractTCKTest.java index 29c2aa9fe1a5b0067afc4e0193d27b82c2e1576b..d96011469a5a06eb81ddf0d37742e7e4f748afef 100644 --- a/test/java/time/tck/java/time/AbstractTCKTest.java +++ b/test/java/time/tck/java/time/AbstractTCKTest.java @@ -58,17 +58,18 @@ package tck.java.time; import static org.testng.Assert.assertEquals; import static org.testng.Assert.assertSame; +import static org.testng.Assert.fail; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.DataInputStream; +import java.io.DataOutputStream; import java.io.IOException; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; import java.io.ObjectStreamConstants; import java.io.Serializable; import java.lang.reflect.Field; -import java.util.Arrays; import java.util.Formatter; /** @@ -164,6 +165,42 @@ public abstract class AbstractTCKTest { } } + /** + * Verify the class cannot be deserialized from a handcoded stream. + * Fail if the deserialization does not throw an Exception. + * @param serClass the class to embed in the handcoded stream + * @throws Exception if an unexpected condition occurs + */ + protected static void assertNotSerializable(Class serClass) throws Exception { + Field field = serClass.getDeclaredField("serialVersionUID"); + field.setAccessible(true); + long serVer = (Long) field.get(null); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try (DataOutputStream out = new DataOutputStream(baos)) { + out.writeShort(ObjectStreamConstants.STREAM_MAGIC); + out.writeShort(ObjectStreamConstants.STREAM_VERSION); + out.writeByte(ObjectStreamConstants.TC_OBJECT); + out.writeByte(ObjectStreamConstants.TC_CLASSDESC); + out.writeUTF(serClass.getName()); + out.writeLong(serVer); + out.writeByte(ObjectStreamConstants.SC_SERIALIZABLE); // Flags ObjectStreamConstants + out.writeShort(0); // number of fields + out.writeByte(ObjectStreamConstants.TC_ENDBLOCKDATA); + out.writeByte(ObjectStreamConstants.TC_NULL); // no superclasses + } + + byte[] bytes = baos.toByteArray(); + + try (ByteArrayInputStream bis = new ByteArrayInputStream(bytes); + ObjectInputStream in = new ObjectInputStream(bis)) { + Object o = in.readObject(); + } catch (Exception ioe) { + // Expected exception + return; + } + fail("Class should not be deserializable " + serClass.getName()); + } + /** * Utility method to dump a byte array in a java syntax. diff --git a/test/java/time/tck/java/time/chrono/serial/TCKChronoLocalDateSerialization.java b/test/java/time/tck/java/time/chrono/serial/TCKChronoLocalDateSerialization.java index af6e9fb2e021a0863081e01ee2e584aab1f1baa1..8116457b96a8ea819178a7fb52adc99ee0a70fd4 100644 --- a/test/java/time/tck/java/time/chrono/serial/TCKChronoLocalDateSerialization.java +++ b/test/java/time/tck/java/time/chrono/serial/TCKChronoLocalDateSerialization.java @@ -161,4 +161,25 @@ public class TCKChronoLocalDateSerialization extends AbstractTCKTest { assertSerializedBySer(date, hijrahDateBytes, hijrahChronoBytes, dateBytes); } + + + //----------------------------------------------------------------------- + // Regular data factory for names and descriptions of available calendars + //----------------------------------------------------------------------- + @DataProvider(name = "invalidSerialformClasses") + Object[][] invalid_serial_classes() { + return new Object[][]{ + {JapaneseEra.class}, + {JapaneseDate.class}, + {MinguoDate.class}, + {ThaiBuddhistDate.class}, + {HijrahDate.class}, + }; + } + + @Test(dataProvider="invalidSerialformClasses") + public void test_invalid_serialform(Class clazz) throws Exception { + assertNotSerializable(clazz); + } + } diff --git a/test/java/time/tck/java/time/chrono/serial/TCKChronologySerialization.java b/test/java/time/tck/java/time/chrono/serial/TCKChronologySerialization.java index 7f9e30d35c5406625e6f7679faff8f119cd29e57..c3222e281e6498383c4f1ce673017dbcce7fc21d 100644 --- a/test/java/time/tck/java/time/chrono/serial/TCKChronologySerialization.java +++ b/test/java/time/tck/java/time/chrono/serial/TCKChronologySerialization.java @@ -111,4 +111,24 @@ public class TCKChronologySerialization extends AbstractTCKTest { assertSerializedBySer(chrono, bytes); } + + //----------------------------------------------------------------------- + // Regular data factory for names and descriptions of available calendars + //----------------------------------------------------------------------- + @DataProvider(name = "invalidSerialformClasses") + Object[][] invalid_serial_classes() { + return new Object[][]{ + {IsoChronology.class}, + {JapaneseChronology.class}, + {MinguoChronology.class}, + {ThaiBuddhistChronology.class}, + {HijrahChronology.class}, + }; + } + + @Test(dataProvider="invalidSerialformClasses") + public void test_invalid_serialform(Class clazz) throws Exception { + assertNotSerializable(clazz); + } + } diff --git a/test/java/time/tck/java/time/serial/TCKDurationSerialization.java b/test/java/time/tck/java/time/serial/TCKDurationSerialization.java index 15d079b9b412a4cb8d395b0dd8d6496b35849563..b2251181572c8789c60e418c190750825538253c 100644 --- a/test/java/time/tck/java/time/serial/TCKDurationSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKDurationSerialization.java @@ -110,4 +110,9 @@ public class TCKDurationSerialization extends AbstractTCKTest { assertSerializableSame(Duration.ZERO); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(Duration.class); + } + } diff --git a/test/java/time/tck/java/time/serial/TCKInstantSerialization.java b/test/java/time/tck/java/time/serial/TCKInstantSerialization.java index 34a7a5137970f5e1bf7f5c6a0db98ad29c1018c8..bb4eb47c8dd29cac077d347e9b00e92821e8faf1 100644 --- a/test/java/time/tck/java/time/serial/TCKInstantSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKInstantSerialization.java @@ -91,5 +91,10 @@ public class TCKInstantSerialization extends AbstractTCKTest { assertSerializedBySer(Instant.ofEpochSecond(654321, 123456789), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(Instant.class); + } + } diff --git a/test/java/time/tck/java/time/serial/TCKLocalDateSerialization.java b/test/java/time/tck/java/time/serial/TCKLocalDateSerialization.java index c42fa5ece912a7876b376614d7d0d659f2673630..7a82822944b669cf70a057f047797e48b3d3a4de 100644 --- a/test/java/time/tck/java/time/serial/TCKLocalDateSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKLocalDateSerialization.java @@ -102,4 +102,9 @@ public class TCKLocalDateSerialization extends AbstractTCKTest { assertSerializedBySer(LocalDate.of(2012, 9, 16), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(LocalDate.class); + } + } diff --git a/test/java/time/tck/java/time/serial/TCKLocalDateTimeSerialization.java b/test/java/time/tck/java/time/serial/TCKLocalDateTimeSerialization.java index aa739768808e26c3cc6101e9ed10e4941843efcd..c207891380851b19352da90c4c5c43a300bb3671 100644 --- a/test/java/time/tck/java/time/serial/TCKLocalDateTimeSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKLocalDateTimeSerialization.java @@ -99,4 +99,9 @@ public class TCKLocalDateTimeSerialization extends AbstractTCKTest { assertSerializedBySer(LocalDateTime.of(2012, 9, 16, 22, 17, 59, 459_000_000), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(LocalDateTime.class); + } + } diff --git a/test/java/time/tck/java/time/serial/TCKLocalTimeSerialization.java b/test/java/time/tck/java/time/serial/TCKLocalTimeSerialization.java index d78de65187705a18b220e958733f95cb933eb69a..f03eb070233f00ec0297ccaec691dda9130b3f4e 100644 --- a/test/java/time/tck/java/time/serial/TCKLocalTimeSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKLocalTimeSerialization.java @@ -141,5 +141,9 @@ public class TCKLocalTimeSerialization extends AbstractTCKTest { assertSerializedBySer(LocalTime.of(22, 17, 59, 459_000_000), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(LocalTime.class); + } } diff --git a/test/java/time/tck/java/time/serial/TCKMonthDaySerialization.java b/test/java/time/tck/java/time/serial/TCKMonthDaySerialization.java index 8650e7e641e5482081781b122de1ecdde02a6ec8..fff7ff5afa36717eca53732a368ca85fcd01ebb9 100644 --- a/test/java/time/tck/java/time/serial/TCKMonthDaySerialization.java +++ b/test/java/time/tck/java/time/serial/TCKMonthDaySerialization.java @@ -99,4 +99,9 @@ public class TCKMonthDaySerialization extends AbstractTCKTest { assertSerializedBySer(MonthDay.of(9, 16), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(MonthDay.class); + } + } diff --git a/test/java/time/tck/java/time/serial/TCKOffsetDateTimeSerialization.java b/test/java/time/tck/java/time/serial/TCKOffsetDateTimeSerialization.java index f2ff1afbb8a42e2f16649fec6dcb21779cbb6ddc..1f08bd08fc040c17e32d55f852a787aa0f294f0d 100644 --- a/test/java/time/tck/java/time/serial/TCKOffsetDateTimeSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKOffsetDateTimeSerialization.java @@ -111,4 +111,9 @@ public class TCKOffsetDateTimeSerialization extends AbstractTCKTest { assertSerializedBySer(OffsetDateTime.of(ldt, ZoneOffset.ofHours(1)), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(OffsetDateTime.class); + } + } diff --git a/test/java/time/tck/java/time/serial/TCKOffsetTimeSerialization.java b/test/java/time/tck/java/time/serial/TCKOffsetTimeSerialization.java index 292ef82d142df48f2563145fded5377151c9d69c..2052da6ac2ed8b9cc8d7b4c2f45c07f9008b0b8f 100644 --- a/test/java/time/tck/java/time/serial/TCKOffsetTimeSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKOffsetTimeSerialization.java @@ -107,5 +107,9 @@ public class TCKOffsetTimeSerialization extends AbstractTCKTest { assertSerializedBySer(OffsetTime.of(22, 17, 59, 464_000_000, ZoneOffset.ofHours(1)), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(OffsetTime.class); + } } diff --git a/test/java/time/tck/java/time/serial/TCKPeriodSerialization.java b/test/java/time/tck/java/time/serial/TCKPeriodSerialization.java index 57bb92f7dceb7ebe5dc503c074eaef30fe30a095..df1c6785567879f340cff0a151fb39f4bcb30de2 100644 --- a/test/java/time/tck/java/time/serial/TCKPeriodSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKPeriodSerialization.java @@ -78,4 +78,9 @@ public class TCKPeriodSerialization extends AbstractTCKTest { assertSerializable(Period.of(1, 2, 3)); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(Period.class); + } + } diff --git a/test/java/time/tck/java/time/serial/TCKYearMonthSerialization.java b/test/java/time/tck/java/time/serial/TCKYearMonthSerialization.java index 878b163972501d1d01c885c39c178dd51857e9d6..677aee4655f05e422ad73469aa53024dbffb6343 100644 --- a/test/java/time/tck/java/time/serial/TCKYearMonthSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKYearMonthSerialization.java @@ -100,4 +100,9 @@ public class TCKYearMonthSerialization extends AbstractTCKTest { assertSerializedBySer(YearMonth.of(2012, 9), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(YearMonth.class); + } + } diff --git a/test/java/time/tck/java/time/serial/TCKYearSerialization.java b/test/java/time/tck/java/time/serial/TCKYearSerialization.java index 12f3955dcc4d82d338c7c4733d0eee33a32f8e69..4167e35eb18ba26c6fdd6da76291024f5d8bfdbc 100644 --- a/test/java/time/tck/java/time/serial/TCKYearSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKYearSerialization.java @@ -91,4 +91,9 @@ public class TCKYearSerialization extends AbstractTCKTest { assertSerializedBySer(Year.of(2012), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(Year.class); + } + } diff --git a/test/java/time/tck/java/time/serial/TCKZoneOffsetSerialization.java b/test/java/time/tck/java/time/serial/TCKZoneOffsetSerialization.java index 223d466fcb3586007487c7efac1dc3aa3e34a997..c2795c6b00b1a704867faf09375a9d3c2d6b6cf2 100644 --- a/test/java/time/tck/java/time/serial/TCKZoneOffsetSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKZoneOffsetSerialization.java @@ -114,5 +114,9 @@ public class TCKZoneOffsetSerialization extends AbstractTCKTest { assertSerializedBySer(ZoneOffset.ofTotalSeconds(53265), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(ZoneOffset.class); + } } diff --git a/test/java/time/tck/java/time/serial/TCKZonedDateTimeSerialization.java b/test/java/time/tck/java/time/serial/TCKZonedDateTimeSerialization.java index bde33acc04bbb6f1b4617bb4f71ea46a783e3b7f..8200103cd6265fcb56a0f03db8b67e5ec2116f89 100644 --- a/test/java/time/tck/java/time/serial/TCKZonedDateTimeSerialization.java +++ b/test/java/time/tck/java/time/serial/TCKZonedDateTimeSerialization.java @@ -139,4 +139,9 @@ public class TCKZonedDateTimeSerialization extends AbstractTCKTest { assertSerializedBySer(zdt, bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(ZonedDateTime.class); + } + } diff --git a/test/java/time/tck/java/time/temporal/serial/TCKValueRangeSerialization.java b/test/java/time/tck/java/time/temporal/serial/TCKValueRangeSerialization.java index 9114bec6ca09c35dedc39a4f2700e92d4f97a024..d99efd03535ce883cf761e97a7e387f2feec7e81 100644 --- a/test/java/time/tck/java/time/temporal/serial/TCKValueRangeSerialization.java +++ b/test/java/time/tck/java/time/temporal/serial/TCKValueRangeSerialization.java @@ -60,11 +60,16 @@ package tck.java.time.temporal.serial; import static org.testng.Assert.assertEquals; +import static org.testng.Assert.fail; +import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.ObjectOutputStream; import java.time.temporal.ValueRange; +import java.util.Arrays; import org.testng.annotations.Test; @@ -117,4 +122,57 @@ public class TCKValueRangeSerialization extends AbstractTCKTest { } } + @Test + public void test_invalid_serialform() throws Exception { + byte[] template = { + (byte)172, (byte)237, 0, 5, 115, 114, 0, 29, 106, 97, /* \u00ac \u00ed \u0000 \u0005 s r \u0000 \u001d j a */ + 118, 97, 46, 116, 105, 109, 101, 46, 116, 101, /* v a . t i m e . t e */ + 109, 112, 111, 114, 97, 108, 46, 86, 97, 108, /* m p o r a l . V a l */ + 117, 101, 82, 97, 110, 103, 101, (byte)154, 113, (byte)169, /* u e R a n g e \u009a q \u00a9 */ + 86, (byte)242, (byte)205, 90, (byte)184, 2, 0, 4, 74, 0, /* V \u00f2 \u00cd Z \u00b8 \u0002 \u0000 \u0004 J \u0000 */ + 10, 109, 97, 120, 76, 97, 114, 103, 101, 115, /* m a x L a r g e s */ + 116, 74, 0, 11, 109, 97, 120, 83, 109, 97, /* t J \u0000 \u000b m a x S m a */ + 108, 108, 101, 115, 116, 74, 0, 10, 109, 105,/* l l e s t J \u0000 m i */ + 110, 76, 97, 114, 103, 101, 115, 116, 74, 0, /* n L a r g e s t J \u0000 */ + 11, 109, 105, 110, 83, 109, 97, 108, 108, 101, /* \u000b m i n S m a l l e */ + 115, 116, 120, 112, 0, 0, 0, 0, 0, 0, /* s t x p \u0000 \u0000 \u0000 \u0000 \u0000 \u0000 */ + 0, 40, 0, 0, 0, 0, 0, 0, 0, 30, /* \u0000 ( \u0000 \u0000 \u0000 \u0000 \u0000 \u0000 \u0000 \u001e */ + 0, 0, 0, 0, 0, 0, 0, 20, 0, 0, /* \u0000 \u0000 \u0000 \u0000 \u0000 \u0000 \u0000 \u0014 \u0000 \u0000 */ + 0, 0, 0, 0, 0, 10, /* \u0000 \u0000 \u0000 \u0000 \u0000 */ + }; + + // minSmallest > minLargest, insert invalid values and deserialize + byte[] bad1 = {0, 0, 0, 2, 0, 0, 0, 1, 0, 0, 0, 3, 0, 0, 0, 4}; + byte[] val = Arrays.copyOf(template, template.length); + System.arraycopy(bad1, 0, val, 114, bad1.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid minSmallest > minLargest " + ValueRange.class.getName()); + } catch (InvalidObjectException ioe) { + // Expected exception + } + + // maxSmallest > maxLargest, insert invalid values and deserialize + byte[] bad2 = {0, 0, 0, 1, 0, 0, 0, 2, 0, 0, 0, 4, 0, 0, 0, 3}; + val = Arrays.copyOf(template, template.length); + System.arraycopy(bad1, 0, val, 114, bad2.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid maxSmallest > maxLargest " + ValueRange.class.getName()); + } catch (InvalidObjectException ioe) { + // Expected exception + } + + // minLagest > maxLargest, insert invalid values and deserialize + byte[] bad3 = {0, 0, 0, 1, 0, 0, 0, 5, 0, 0, 0, 3, 0, 0, 0, 4}; + val = Arrays.copyOf(template, template.length); + System.arraycopy(bad1, 0, val, 114, bad3.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid minLagest > maxLargest " + ValueRange.class.getName()); + } catch (InvalidObjectException ioe) { + // Expected exception + } + } + } diff --git a/test/java/time/tck/java/time/temporal/serial/TCKWeekFieldsSerialization.java b/test/java/time/tck/java/time/temporal/serial/TCKWeekFieldsSerialization.java index 43f45a84f22d2f64f7225712300d7e3299e495ec..00186046c89b0afdfcadc387b605dfba82fd5c43 100644 --- a/test/java/time/tck/java/time/temporal/serial/TCKWeekFieldsSerialization.java +++ b/test/java/time/tck/java/time/temporal/serial/TCKWeekFieldsSerialization.java @@ -56,13 +56,21 @@ */ package tck.java.time.temporal.serial; +import static org.testng.Assert.assertEquals; +import static org.testng.Assert.fail; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; import org.testng.annotations.DataProvider; import org.testng.annotations.Test; import tck.java.time.AbstractTCKTest; import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; import java.time.DayOfWeek; import java.time.temporal.WeekFields; +import java.util.Arrays; /** * Test serialization of WeekFields. @@ -90,5 +98,58 @@ public class TCKWeekFieldsSerialization extends AbstractTCKTest { return objects; } + @Test + public void test_invalid_serialform() throws Exception { + WeekFields wf = WeekFields.of(DayOfWeek.MONDAY, 7); + ByteArrayOutputStream baos = new ByteArrayOutputStream(64); + ObjectOutputStream out = new ObjectOutputStream(baos); + out.writeObject(wf); + byte[] template = baos.toByteArray(); + + // (minimalDays = 5) { + byte[] good1 = {0, 0, 0, 5}; + byte[] val = Arrays.copyOf(template, template.length); + System.arraycopy(good1, 0, val, 105, good1.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + Object o = in.readObject(); + assertEquals(o, WeekFields.of(DayOfWeek.MONDAY, 5), "Should be MONDAY, min = 5"); + } catch (Exception ioe) { + fail("Unexpected exception " + ioe); + } + + // (minimalDays < 1) { + byte[] bad1 = {0, 0, 0, 0}; + val = Arrays.copyOf(template, template.length); + System.arraycopy(bad1, 0, val, 105, bad1.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid minimalDays < 1 " + WeekFields.class.getName()); + } catch (Exception ioe) { + // Expected exception + } + + // (minimalDays > 7) { + byte[] bad2 = {0, 0, 0, 8}; + val = Arrays.copyOf(template, template.length); + System.arraycopy(bad2, 0, val, 105, bad2.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid minimalDays > 7 " + WeekFields.class.getName()); + } catch (Exception ioe) { + // Expected exception + } + + // (StartDay = null) { + byte[] bad3 = {0x70}; + val = Arrays.copyOf(template, 110); + System.arraycopy(bad3, 0, val, 105 + 4, bad3.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid startDay == null " + WeekFields.class.getName()); + } catch (Exception ioe) { + // Expected exception + } + + } } diff --git a/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionRuleSerialization.java b/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionRuleSerialization.java index 9e4bf9b455ec9fb08bb374fde9dc4bdc245d21ad..42796f66f8faa5f3548a30617dccdd887ab940da 100644 --- a/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionRuleSerialization.java +++ b/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionRuleSerialization.java @@ -133,4 +133,9 @@ public class TCKZoneOffsetTransitionRuleSerialization extends AbstractTCKTest { assertSerializable(test); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(ZoneOffsetTransitionRule.class); + } + } diff --git a/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionSerialization.java b/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionSerialization.java index e70fc747d882cf813ac97a384b77aa49ec1e2c5d..01ffefe09dff9b1f71babe0abd3b11b768913536 100644 --- a/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionSerialization.java +++ b/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionSerialization.java @@ -110,4 +110,9 @@ public class TCKZoneOffsetTransitionSerialization extends AbstractTCKTest { assertSerializable(test); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(ZoneOffsetTransition.class); + } + } diff --git a/test/java/time/tck/java/time/zone/serial/TCKZoneRulesSerialization.java b/test/java/time/tck/java/time/zone/serial/TCKZoneRulesSerialization.java index 80237967990437234bd93c2192cfdbf0733af8b4..5262d68eea08d8197f565fba43f9a7802c569b03 100644 --- a/test/java/time/tck/java/time/zone/serial/TCKZoneRulesSerialization.java +++ b/test/java/time/tck/java/time/zone/serial/TCKZoneRulesSerialization.java @@ -70,11 +70,13 @@ import java.time.zone.ZoneRules; import static org.testng.Assert.assertEquals; +import tck.java.time.AbstractTCKTest; + /** * Test serialization of ZoneRules. */ @Test -public class TCKZoneRulesSerialization { +public class TCKZoneRulesSerialization extends AbstractTCKTest{ public void test_serialization_loaded() throws Exception { assertSerialization(europeLondon()); @@ -118,5 +120,9 @@ public class TCKZoneRulesSerialization { return ZoneId.of("America/New_York").getRules(); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(ZoneRules.class); + } }