# HG changeset patch # User msheppar # Date 1436888981 -3600 # Node ID f9630ed441a06612f61a88bd3da39075015213a7 # Parent 6518e1969ae18205cebe85e7d9f2264d0c8eedf1 8076392: Improve IIOPInputStream consistency Reviewed-by: rriggs, coffeys, skoivu, ahgross diff -r 6518e1969ae1 -r f9630ed441a0 src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java --- a/src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java Tue Jul 14 18:03:10 2015 +0100 +++ b/src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java Tue Jul 14 16:49:41 2015 +0100 @@ -567,6 +567,11 @@ // XXX I18N, logging needed. throw new NotActiveException("defaultReadObjectDelegate"); + if (!currentClassDesc.forClass().isAssignableFrom( + currentObject.getClass())) { + throw new IOException("Object Type mismatch"); + } + // The array will be null unless fields were retrieved // remotely because of a serializable version difference. // Bug fix for 4365188. See the definition of @@ -2247,6 +2252,27 @@ try { Class fieldCl = fields[i].getClazz(); + if ((objectValue != null) + && (!fieldCl.isAssignableFrom( + objectValue.getClass()))) { + throw new IllegalArgumentException("Field mismatch"); + } + Field classField = null; + try { + classField = cl.getDeclaredField(fields[i].getName()); + } catch (NoSuchFieldException nsfEx) { + throw new IllegalArgumentException(nsfEx); + } catch (SecurityException secEx) { + throw new IllegalArgumentException(secEx.getCause()); + } + Class declaredFieldClass = classField.getType(); + + // check input field type is a declared field type + // input field is a subclass of the declared field + if (!declaredFieldClass.isAssignableFrom(fieldCl)) { + throw new IllegalArgumentException( + "Field Type mismatch"); + } if (objectValue != null && !fieldCl.isInstance(objectValue)) { throw new IllegalArgumentException(); }