Uploaded image for project: 'Commons IO'
  1. Commons IO
  2. IO-368

ClassLoaderObjectInputStream does not handle primitive typed members

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.1
    • Fix Version/s: 2.5
    • Component/s: Streams/Writers
    • Labels:
      None
    • Environment:

      Single node computer, running standard JVM (Oracle 1.6.0)

      Description

      Any class with a simple primitive (such as long, or int) cannot be deserialized. For example, the following code:

          ObjectInputStream ois = null;
          try {
            ois = new ClassLoaderObjectInputStream(getClass().getClassLoader(), new ByteArrayInputStream(bytes));
            return (T) ois.readObject();
          } catch (ClassNotFoundException e) {
            LOGGER.error("Deserialization failed for {}", objectClass, e);
          } catch (IOException e) {
            LOGGER.error("Deserialization failed for {}", objectClass, e);
          } finally {
            if (ois != null) {
              try {
                ois.close();
              } catch (IOException ignored) {
              }
            }
          }
      

      Will fail if bytes represents a byte[] of the serialized version of the following class:

      public class Foo {
      
        private static final long serialVersionUID = 1L;
      
        private long thisFieldWillCauseCLOISToFail;
      
        // class logic, ctors, etc...
      
      }
      

      With the following stacktrace:

      Caused by: java.lang.ClassNotFoundException: long
              at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
              at java.security.AccessController.doPrivileged(Native Method)
              at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
              at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
              at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
              at java.lang.Class.forName0(Native Method)
              at java.lang.Class.forName(Class.java:247)
              at org.apache.commons.io.input.ClassLoaderObjectInputStream.resolveClass(ClassLoaderObjectInputStream.java:68)
              at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1574)
              at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1495)
              at java.io.ObjectInputStream.readClass(ObjectInputStream.java:1461)
              at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1311)
              at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1946)
              at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1870)
              at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1752)
              at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1328)
              at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1946)
              at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1870)
              at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1752)
              at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1328)
              at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1946)
              at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1870)
              at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1752)
              at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1328)
              at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1946)
              at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1870)
              at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1752)
              at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1328)
              at java.io.ObjectInputStream.readObject(ObjectInputStream.java:350)
              at java.util.ArrayList.readObject(ArrayList.java:593)
              at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
              at java.lang.reflect.Method.invoke(Method.java:597)
              at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:974)
              at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1848)
              at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1752)
              at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1328)
              at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1946)
      ...
      

      Of some relevance may be:
      http://issues.liferay.com/browse/LPS-30742
      https://groups.google.com/forum/?hl=en&fromgroups=#!topic/akka-user/3PC4L48qyqs

        Attachments

        1. IO-368.patch
          1 kB
          Thomas Neidhart

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                thaddeus.diamond Thaddeus Diamond
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: