stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8000638: Improve deserialization

Browse Source 
Reviewed-by: smarks, hawtin, mchung
This commit is contained in:
Darryl Mocek 2013-03-04 14:34:15 -08:00
parent 013fa331c6
commit 4a3efff02b
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
jdk/src/share/classes/java/io/ObjectStreamClass.java
View File

@ -1151,7 +1151,14 @@ public class ObjectStreamClass implements Serializable {
end = end.getSuperclass(); end = end.getSuperclass();
} }
HashSet<String> oscNames = new HashSet<>(3);
for (ObjectStreamClass d = this; d != null; d = d.superDesc) { for (ObjectStreamClass d = this; d != null; d = d.superDesc) {
if (oscNames.contains(d.name)) {
throw new InvalidClassException("Circular reference.");
} else {
oscNames.add(d.name);
}
// search up inheritance hierarchy for class with matching name // search up inheritance hierarchy for class with matching name
String searchName = (d.cl != null) ? d.cl.getName() : d.name; String searchName = (d.cl != null) ? d.cl.getName() : d.name;