You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Jonathon Nicholas Sanders (Jira)" <ji...@apache.org> on 2022/04/14 15:37:00 UTC

[jira] [Closed] (IO-766) ValidatingObjectInputStream

     [ https://issues.apache.org/jira/browse/IO-766?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jonathon Nicholas Sanders closed IO-766.
----------------------------------------
    Resolution: Not A Bug

> ValidatingObjectInputStream
> ---------------------------
>
>                 Key: IO-766
>                 URL: https://issues.apache.org/jira/browse/IO-766
>             Project: Commons IO
>          Issue Type: Bug
>         Environment: Java 8, Ubuntu 16.04 LTS, Eclipse Neon, Apache Commons IO 2.11.0
>            Reporter: Jonathon Nicholas Sanders
>            Priority: Major
>         Attachments: .checksum.md5, Unit Test Case_20220413.zip
>
>
> I have been using ValidatingObjectInputStream and found a bug.
>  
> It appears when you have an ArrayList of String it fails to validate the String.class ( [Ljava.lang.String; ) because somehow some extra data in the full class name causes an error. Currently I have no work around, I could edit the source, and see if I can hunt down the bug myself, but I don't think my project manager would care for that option if it takes me too much time, the other is also not ideal and that is avoid using ArrayList<String>.... but the again, this could be an issue for any ArrayList of Classes.
>  
> I am using Oracle Java 8 on Ubuntu 16.04 LTS, here is my stacktrace. I have removed references to my classes for the sake of confidentiality.
>  
> Apr 08, 2022 3:07:33 PM gov.jdaccs.views.__ openConfiguration
> SEVERE: Class name not accepted: [Ljava.lang.String;
> java.io.InvalidClassException: Class name not accepted: [Ljava.lang.String;
> at org.apache.commons.io.serialization.ValidatingObjectInputStream.invalidClassNameFound(ValidatingObjectInputStream.java:95)
> at org.apache.commons.io.serialization.ValidatingObjectInputStream.validateClassName(ValidatingObjectInputStream.java:82)
> at org.apache.commons.io.serialization.ValidatingObjectInputStream.resolveClass(ValidatingObjectInputStream.java:100)
> at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1859)
> at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1745)
> at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1921)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1561)
> at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278)
> at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
> at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427)
> at java.util.ArrayList.readObject(ArrayList.java:797)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1158)
> at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
> at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278)
> at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
> at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278)
> at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
> at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427)
> at gov.jdaccs.config.__.readConfiguration(__.java:74)
> at gov.jdaccs.views.__.openConfiguration(__.java:511)
> at gov.jdaccs.views.__.loadDefaults(__.java:757)
> at gov.jdaccs.views.__.createNewConfiguration(__.java:2508)
> at gov.jdaccs.views.__.<init>(__.java:262)
> at gov.jdaccs.views.__.main(_.java:2534)



--
This message was sent by Atlassian Jira
(v8.20.1#820001)