You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Jonathon Nicholas Sanders (Jira)" <ji...@apache.org> on 2022/04/11 13:53:00 UTC
[jira] [Created] (COMMONSSITE-155) ValidatingObjectInputStream
Jonathon Nicholas Sanders created COMMONSSITE-155:
-----------------------------------------------------
Summary: ValidatingObjectInputStream
Key: COMMONSSITE-155
URL: https://issues.apache.org/jira/browse/COMMONSSITE-155
Project: Apache Commons All
Issue Type: Bug
Environment: Java 8, Ubuntu 16.04 LTS, Eclipse Neon, Apache Commons IO 2.11.0
Reporter: Jonathon Nicholas Sanders
I have been using ValidatingObjectInputStream and found a bug.
It appears when you have an ArrayList of String it fails to validate the String.class ( [Ljava.lang.String; ) because somehow some extra data in the full class name causes an error. Currently I have no work around, I could edit the source, and see if I can hunt down the bug myself, but I don't think my project manager would care for that option if it takes me too much time, the other is also not ideal and that is avoid using ArrayList<String>.... but the again, this could be an issue for any ArrayList of Classes.
I am using Oracle Java 8 on Ubuntu 16.04 LTS, here is my stacktrace. I have removed references to my classes for the sake of confidentiality.
Apr 08, 2022 3:07:33 PM gov.jdaccs.views.__ openConfiguration
SEVERE: Class name not accepted: [Ljava.lang.String;
java.io.InvalidClassException: Class name not accepted: [Ljava.lang.String;
at org.apache.commons.io.serialization.ValidatingObjectInputStream.invalidClassNameFound(ValidatingObjectInputStream.java:95)
at org.apache.commons.io.serialization.ValidatingObjectInputStream.validateClassName(ValidatingObjectInputStream.java:82)
at org.apache.commons.io.serialization.ValidatingObjectInputStream.resolveClass(ValidatingObjectInputStream.java:100)
at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1859)
at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1745)
at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1921)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1561)
at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427)
at java.util.ArrayList.readObject(ArrayList.java:797)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1158)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427)
at gov.jdaccs.config.__.readConfiguration(__.java:74)
at gov.jdaccs.views.__.openConfiguration(__.java:511)
at gov.jdaccs.views.__.loadDefaults(__.java:757)
at gov.jdaccs.views.__.createNewConfiguration(__.java:2508)
at gov.jdaccs.views.__.<init>(__.java:262)
at gov.jdaccs.views.__.main(_.java:2534)
--
This message was sent by Atlassian Jira
(v8.20.1#820001)