Mercurial > hg > openjdk > jdk8 > jdk
changeset 8995:7186275e6ef1
8030002: Enhance deserialization using readObject
Reviewed-by: sherman, chegar, scolebourne
line wrap: on
line diff
--- a/src/share/classes/java/time/Duration.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/Duration.java Fri Dec 20 13:06:23 2013 -0500 @@ -74,7 +74,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; -import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.math.BigDecimal; import java.math.BigInteger; @@ -1325,10 +1325,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/Instant.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/Instant.java Fri Dec 20 13:06:23 2013 -0500 @@ -76,6 +76,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.format.DateTimeFormatter; import java.time.format.DateTimeParseException; @@ -1346,10 +1347,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/LocalDate.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/LocalDate.java Fri Dec 20 13:06:23 2013 -0500 @@ -78,6 +78,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.ChronoLocalDate; import java.time.chrono.Era; @@ -2051,10 +2052,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/LocalDateTime.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/LocalDateTime.java Fri Dec 20 13:06:23 2013 -0500 @@ -76,6 +76,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.ChronoLocalDateTime; import java.time.format.DateTimeFormatter; @@ -1984,10 +1985,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/LocalTime.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/LocalTime.java Fri Dec 20 13:06:23 2013 -0500 @@ -74,6 +74,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.format.DateTimeFormatter; import java.time.format.DateTimeParseException; @@ -1636,10 +1637,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/MonthDay.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/MonthDay.java Fri Dec 20 13:06:23 2013 -0500 @@ -68,6 +68,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.Chronology; import java.time.chrono.IsoChronology; @@ -769,10 +770,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/OffsetDateTime.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/OffsetDateTime.java Fri Dec 20 13:06:23 2013 -0500 @@ -72,6 +72,7 @@ import java.io.ObjectInput; import java.io.ObjectOutput; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.IsoChronology; import java.time.format.DateTimeFormatter; @@ -1923,10 +1924,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/OffsetTime.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/OffsetTime.java Fri Dec 20 13:06:23 2013 -0500 @@ -73,6 +73,7 @@ import java.io.ObjectInput; import java.io.ObjectOutput; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.format.DateTimeFormatter; import java.time.format.DateTimeParseException; @@ -1394,10 +1395,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/Period.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/Period.java Fri Dec 20 13:06:23 2013 -0500 @@ -69,6 +69,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.ChronoLocalDate; import java.time.chrono.ChronoPeriod; @@ -1056,10 +1057,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws java.io.InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/Year.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/Year.java Fri Dec 20 13:06:23 2013 -0500 @@ -74,6 +74,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.Chronology; import java.time.chrono.IsoChronology; @@ -1102,10 +1103,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/YearMonth.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/YearMonth.java Fri Dec 20 13:06:23 2013 -0500 @@ -77,6 +77,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.Chronology; import java.time.chrono.IsoChronology; @@ -1228,10 +1229,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/ZoneId.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/ZoneId.java Fri Dec 20 13:06:23 2013 -0500 @@ -64,6 +64,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.format.DateTimeFormatterBuilder; import java.time.format.TextStyle; @@ -622,10 +623,10 @@ //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/ZoneOffset.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/ZoneOffset.java Fri Dec 20 13:06:23 2013 -0500 @@ -70,6 +70,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.temporal.ChronoField; import java.time.temporal.Temporal; @@ -767,10 +768,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/ZoneRegion.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/ZoneRegion.java Fri Dec 20 13:06:23 2013 -0500 @@ -60,7 +60,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; -import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.zone.ZoneRules; import java.time.zone.ZoneRulesException; @@ -195,10 +195,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/ZonedDateTime.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/ZonedDateTime.java Fri Dec 20 13:06:23 2013 -0500 @@ -67,9 +67,9 @@ import java.io.DataOutput; import java.io.IOException; -import java.io.InvalidObjectException; import java.io.ObjectInput; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.chrono.ChronoZonedDateTime; import java.time.format.DateTimeFormatter; @@ -2224,10 +2224,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/chrono/AbstractChronology.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/AbstractChronology.java Fri Dec 20 13:06:23 2013 -0500 @@ -83,6 +83,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.ObjectStreamException; import java.io.Serializable; import java.time.DateTimeException; @@ -764,10 +765,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws java.io.InvalidObjectException always */ - private Object readResolve() throws ObjectStreamException { + private void readObject(ObjectInputStream s) throws ObjectStreamException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/chrono/ChronoLocalDateTimeImpl.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/ChronoLocalDateTimeImpl.java Fri Dec 20 13:06:23 2013 -0500 @@ -66,8 +66,8 @@ import java.io.IOException; import java.io.InvalidObjectException; import java.io.ObjectInput; +import java.io.ObjectInputStream; import java.io.ObjectOutput; -import java.io.ObjectStreamException; import java.io.Serializable; import java.time.LocalTime; import java.time.ZoneId; @@ -415,10 +415,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/chrono/ChronoPeriodImpl.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/ChronoPeriodImpl.java Fri Dec 20 13:06:23 2013 -0500 @@ -65,6 +65,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.ObjectStreamException; import java.io.Serializable; import java.time.DateTimeException; @@ -374,10 +375,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws ObjectStreamException { + private void readObject(ObjectInputStream s) throws ObjectStreamException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/chrono/ChronoZonedDateTimeImpl.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/ChronoZonedDateTimeImpl.java Fri Dec 20 13:06:23 2013 -0500 @@ -66,8 +66,8 @@ import java.io.IOException; import java.io.InvalidObjectException; import java.io.ObjectInput; +import java.io.ObjectInputStream; import java.io.ObjectOutput; -import java.io.ObjectStreamException; import java.io.Serializable; import java.time.Instant; import java.time.LocalDateTime; @@ -339,10 +339,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/chrono/HijrahChronology.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/HijrahChronology.java Fri Dec 20 13:06:23 2013 -0500 @@ -64,7 +64,7 @@ import java.io.IOException; import java.io.InputStream; import java.io.InvalidObjectException; -import java.io.ObjectStreamException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.security.AccessController; import java.security.PrivilegedActionException; @@ -1095,10 +1095,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } }
--- a/src/share/classes/java/time/chrono/HijrahDate.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/HijrahDate.java Fri Dec 20 13:06:23 2013 -0500 @@ -67,6 +67,7 @@ import java.io.IOException; import java.io.InvalidObjectException; import java.io.ObjectInput; +import java.io.ObjectInputStream; import java.io.ObjectOutput; import java.io.Serializable; import java.time.Clock; @@ -610,10 +611,10 @@ //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/chrono/IsoChronology.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/IsoChronology.java Fri Dec 20 13:06:23 2013 -0500 @@ -62,7 +62,6 @@ package java.time.chrono; import java.io.InvalidObjectException; -import java.io.ObjectStreamException; import static java.time.temporal.ChronoField.DAY_OF_MONTH; import static java.time.temporal.ChronoField.ERA; import static java.time.temporal.ChronoField.MONTH_OF_YEAR; @@ -70,6 +69,7 @@ import static java.time.temporal.ChronoField.YEAR; import static java.time.temporal.ChronoField.YEAR_OF_ERA; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -603,10 +603,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } }
--- a/src/share/classes/java/time/chrono/JapaneseChronology.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/JapaneseChronology.java Fri Dec 20 13:06:23 2013 -0500 @@ -66,6 +66,7 @@ import static java.time.temporal.ChronoUnit.MONTHS; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -523,10 +524,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } }
--- a/src/share/classes/java/time/chrono/JapaneseDate.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/JapaneseDate.java Fri Dec 20 13:06:23 2013 -0500 @@ -68,6 +68,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -697,10 +698,10 @@ //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/chrono/JapaneseEra.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/JapaneseEra.java Fri Dec 20 13:06:23 2013 -0500 @@ -68,6 +68,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.ObjectStreamException; import java.io.Serializable; import java.time.DateTimeException; @@ -171,24 +172,6 @@ this.since = since; } - /** - * Returns the singleton {@code JapaneseEra} corresponding to this object. - * It's possible that this version of {@code JapaneseEra} doesn't support the latest era value. - * In that case, this method throws an {@code ObjectStreamException}. - * - * @return the singleton {@code JapaneseEra} for this object - * @throws ObjectStreamException if the deserialized object has any unknown numeric era value. - */ - private Object readResolve() throws ObjectStreamException { - try { - return of(eraValue); - } catch (DateTimeException e) { - InvalidObjectException ex = new InvalidObjectException("Invalid era"); - ex.initCause(e); - throw ex; - } - } - //----------------------------------------------------------------------- /** * Returns the Sun private Era instance corresponding to this {@code JapaneseEra}. @@ -212,7 +195,7 @@ * @throws DateTimeException if the value is invalid */ public static JapaneseEra of(int japaneseEra) { - if (japaneseEra < MEIJI.eraValue || japaneseEra > HEISEI.eraValue) { + if (japaneseEra < MEIJI.eraValue || japaneseEra + ERA_OFFSET - 1 >= KNOWN_ERAS.length) { throw new DateTimeException("Invalid era: " + japaneseEra); } return KNOWN_ERAS[ordinal(japaneseEra)]; @@ -372,6 +355,16 @@ //----------------------------------------------------------------------- /** + * Defend against malicious streams. + * + * @throws InvalidObjectException always + */ + private void readObject(ObjectInputStream s) throws InvalidObjectException { + throw new InvalidObjectException("Deserialization via serialization delegate"); + } + + //----------------------------------------------------------------------- + /** * Writes the object using a * <a href="../../../serialized-form.html#java.time.chrono.Ser">dedicated serialized form</a>. * @serialData
--- a/src/share/classes/java/time/chrono/MinguoChronology.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/MinguoChronology.java Fri Dec 20 13:06:23 2013 -0500 @@ -57,10 +57,10 @@ package java.time.chrono; import java.io.InvalidObjectException; -import java.io.ObjectStreamException; import static java.time.temporal.ChronoField.PROLEPTIC_MONTH; import static java.time.temporal.ChronoField.YEAR; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -354,10 +354,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } }
--- a/src/share/classes/java/time/chrono/MinguoDate.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/MinguoDate.java Fri Dec 20 13:06:23 2013 -0500 @@ -65,6 +65,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -459,10 +460,10 @@ //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/chrono/ThaiBuddhistChronology.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/ThaiBuddhistChronology.java Fri Dec 20 13:06:23 2013 -0500 @@ -57,10 +57,10 @@ package java.time.chrono; import java.io.InvalidObjectException; -import java.io.ObjectStreamException; import static java.time.temporal.ChronoField.PROLEPTIC_MONTH; import static java.time.temporal.ChronoField.YEAR; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -390,10 +390,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); } }
--- a/src/share/classes/java/time/chrono/ThaiBuddhistDate.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/chrono/ThaiBuddhistDate.java Fri Dec 20 13:06:23 2013 -0500 @@ -65,6 +65,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Clock; import java.time.DateTimeException; @@ -459,10 +460,10 @@ //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/temporal/ValueRange.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/temporal/ValueRange.java Fri Dec 20 13:06:23 2013 -0500 @@ -61,7 +61,9 @@ */ package java.time.temporal; +import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.DateTimeException; @@ -338,18 +340,27 @@ } } + //----------------------------------------------------------------------- /** - * Return the ValueRange for the serialized values. - * The values are validated according to the constraints of the {@link #of} - * factory method. - * @return the ValueRange for the serialized fields - * @throws InvalidObjectException if the serialized object has invalid values + * Restore the state of an ValueRange from the stream. + * Check that the values are valid. + * @throws InvalidObjectException if + * the smallest minimum is greater than the smallest maximum, + * or the smallest maximum is greater than the largest maximum + * or the largest minimum is greater than the largest maximum */ - private Object readResolve() throws InvalidObjectException { - try { - return of(minSmallest, minLargest, maxSmallest, maxLargest); - } catch (IllegalArgumentException iae) { - throw new InvalidObjectException("Invalid serialized ValueRange: " + iae.getMessage()); + private void readObject(ObjectInputStream s) + throws IOException, ClassNotFoundException, InvalidObjectException + { + s.defaultReadObject(); + if (minSmallest > minLargest) { + throw new InvalidObjectException("Smallest minimum value must be less than largest minimum value"); + } + if (maxSmallest > maxLargest) { + throw new InvalidObjectException("Smallest maximum value must be less than largest maximum value"); + } + if (minLargest > maxLargest) { + throw new InvalidObjectException("Minimum value must be less than maximum value"); } }
--- a/src/share/classes/java/time/temporal/WeekFields.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/temporal/WeekFields.java Fri Dec 20 13:06:23 2013 -0500 @@ -72,7 +72,9 @@ import static java.time.temporal.ChronoUnit.WEEKS; import static java.time.temporal.ChronoUnit.YEARS; +import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.DateTimeException; import java.time.DayOfWeek; @@ -340,6 +342,25 @@ //----------------------------------------------------------------------- /** + * Restore the state of a WeekFields from the stream. + * Check that the values are valid. + * @throws InvalidObjectException if the serialized object has an invalid + * value for firstDayOfWeek or minimalDays. + */ + private void readObject(ObjectInputStream s) + throws IOException, ClassNotFoundException, InvalidObjectException + { + s.defaultReadObject(); + if (firstDayOfWeek == null) { + throw new InvalidObjectException("firstDayOfWeek is null"); + } + + if (minimalDays < 1 || minimalDays > 7) { + throw new InvalidObjectException("Minimal number of days is invalid"); + } + } + + /** * Return the singleton WeekFields associated with the * {@code firstDayOfWeek} and {@code minimalDays}. * @return the singleton WeekFields for the firstDayOfWeek and minimalDays.
--- a/src/share/classes/java/time/zone/ZoneOffsetTransition.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/zone/ZoneOffsetTransition.java Fri Dec 20 13:06:23 2013 -0500 @@ -65,6 +65,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Duration; import java.time.Instant; @@ -172,10 +173,9 @@ //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/zone/ZoneOffsetTransitionRule.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/zone/ZoneOffsetTransitionRule.java Fri Dec 20 13:06:23 2013 -0500 @@ -68,6 +68,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.DayOfWeek; import java.time.LocalDate; @@ -233,10 +234,10 @@ //----------------------------------------------------------------------- /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/src/share/classes/java/time/zone/ZoneRules.java Fri Dec 20 09:56:04 2013 -0800 +++ b/src/share/classes/java/time/zone/ZoneRules.java Fri Dec 20 13:06:23 2013 -0500 @@ -65,6 +65,7 @@ import java.io.DataOutput; import java.io.IOException; import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.Serializable; import java.time.Duration; import java.time.Instant; @@ -317,10 +318,10 @@ /** * Defend against malicious streams. - * @return never + * * @throws InvalidObjectException always */ - private Object readResolve() throws InvalidObjectException { + private void readObject(ObjectInputStream s) throws InvalidObjectException { throw new InvalidObjectException("Deserialization via serialization delegate"); }
--- a/test/java/time/tck/java/time/AbstractTCKTest.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/AbstractTCKTest.java Fri Dec 20 13:06:23 2013 -0500 @@ -58,17 +58,18 @@ import static org.testng.Assert.assertEquals; import static org.testng.Assert.assertSame; +import static org.testng.Assert.fail; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.DataInputStream; +import java.io.DataOutputStream; import java.io.IOException; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; import java.io.ObjectStreamConstants; import java.io.Serializable; import java.lang.reflect.Field; -import java.util.Arrays; import java.util.Formatter; /** @@ -164,6 +165,42 @@ } } + /** + * Verify the class cannot be deserialized from a handcoded stream. + * Fail if the deserialization does <em>not</em> throw an Exception. + * @param serClass the class to embed in the handcoded stream + * @throws Exception if an unexpected condition occurs + */ + protected static void assertNotSerializable(Class<?> serClass) throws Exception { + Field field = serClass.getDeclaredField("serialVersionUID"); + field.setAccessible(true); + long serVer = (Long) field.get(null); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try (DataOutputStream out = new DataOutputStream(baos)) { + out.writeShort(ObjectStreamConstants.STREAM_MAGIC); + out.writeShort(ObjectStreamConstants.STREAM_VERSION); + out.writeByte(ObjectStreamConstants.TC_OBJECT); + out.writeByte(ObjectStreamConstants.TC_CLASSDESC); + out.writeUTF(serClass.getName()); + out.writeLong(serVer); + out.writeByte(ObjectStreamConstants.SC_SERIALIZABLE); // Flags ObjectStreamConstants + out.writeShort(0); // number of fields + out.writeByte(ObjectStreamConstants.TC_ENDBLOCKDATA); + out.writeByte(ObjectStreamConstants.TC_NULL); // no superclasses + } + + byte[] bytes = baos.toByteArray(); + + try (ByteArrayInputStream bis = new ByteArrayInputStream(bytes); + ObjectInputStream in = new ObjectInputStream(bis)) { + Object o = in.readObject(); + } catch (Exception ioe) { + // Expected exception + return; + } + fail("Class should not be deserializable " + serClass.getName()); + } + /** * Utility method to dump a byte array in a java syntax.
--- a/test/java/time/tck/java/time/chrono/serial/TCKChronoLocalDateSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/chrono/serial/TCKChronoLocalDateSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -161,4 +161,25 @@ assertSerializedBySer(date, hijrahDateBytes, hijrahChronoBytes, dateBytes); } + + + //----------------------------------------------------------------------- + // Regular data factory for names and descriptions of available calendars + //----------------------------------------------------------------------- + @DataProvider(name = "invalidSerialformClasses") + Object[][] invalid_serial_classes() { + return new Object[][]{ + {JapaneseEra.class}, + {JapaneseDate.class}, + {MinguoDate.class}, + {ThaiBuddhistDate.class}, + {HijrahDate.class}, + }; + } + + @Test(dataProvider="invalidSerialformClasses") + public void test_invalid_serialform(Class<?> clazz) throws Exception { + assertNotSerializable(clazz); + } + }
--- a/test/java/time/tck/java/time/chrono/serial/TCKChronologySerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/chrono/serial/TCKChronologySerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -111,4 +111,24 @@ assertSerializedBySer(chrono, bytes); } + + //----------------------------------------------------------------------- + // Regular data factory for names and descriptions of available calendars + //----------------------------------------------------------------------- + @DataProvider(name = "invalidSerialformClasses") + Object[][] invalid_serial_classes() { + return new Object[][]{ + {IsoChronology.class}, + {JapaneseChronology.class}, + {MinguoChronology.class}, + {ThaiBuddhistChronology.class}, + {HijrahChronology.class}, + }; + } + + @Test(dataProvider="invalidSerialformClasses") + public void test_invalid_serialform(Class<?> clazz) throws Exception { + assertNotSerializable(clazz); + } + }
--- a/test/java/time/tck/java/time/serial/TCKDurationSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKDurationSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -110,4 +110,9 @@ assertSerializableSame(Duration.ZERO); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(Duration.class); + } + }
--- a/test/java/time/tck/java/time/serial/TCKInstantSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKInstantSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -91,5 +91,10 @@ assertSerializedBySer(Instant.ofEpochSecond(654321, 123456789), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(Instant.class); + } + }
--- a/test/java/time/tck/java/time/serial/TCKLocalDateSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKLocalDateSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -102,4 +102,9 @@ assertSerializedBySer(LocalDate.of(2012, 9, 16), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(LocalDate.class); + } + }
--- a/test/java/time/tck/java/time/serial/TCKLocalDateTimeSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKLocalDateTimeSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -99,4 +99,9 @@ assertSerializedBySer(LocalDateTime.of(2012, 9, 16, 22, 17, 59, 459_000_000), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(LocalDateTime.class); + } + }
--- a/test/java/time/tck/java/time/serial/TCKLocalTimeSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKLocalTimeSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -141,5 +141,9 @@ assertSerializedBySer(LocalTime.of(22, 17, 59, 459_000_000), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(LocalTime.class); + } }
--- a/test/java/time/tck/java/time/serial/TCKMonthDaySerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKMonthDaySerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -99,4 +99,9 @@ assertSerializedBySer(MonthDay.of(9, 16), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(MonthDay.class); + } + }
--- a/test/java/time/tck/java/time/serial/TCKOffsetDateTimeSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKOffsetDateTimeSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -111,4 +111,9 @@ assertSerializedBySer(OffsetDateTime.of(ldt, ZoneOffset.ofHours(1)), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(OffsetDateTime.class); + } + }
--- a/test/java/time/tck/java/time/serial/TCKOffsetTimeSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKOffsetTimeSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -107,5 +107,9 @@ assertSerializedBySer(OffsetTime.of(22, 17, 59, 464_000_000, ZoneOffset.ofHours(1)), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(OffsetTime.class); + } }
--- a/test/java/time/tck/java/time/serial/TCKPeriodSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKPeriodSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -78,4 +78,9 @@ assertSerializable(Period.of(1, 2, 3)); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(Period.class); + } + }
--- a/test/java/time/tck/java/time/serial/TCKYearMonthSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKYearMonthSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -100,4 +100,9 @@ assertSerializedBySer(YearMonth.of(2012, 9), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(YearMonth.class); + } + }
--- a/test/java/time/tck/java/time/serial/TCKYearSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKYearSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -91,4 +91,9 @@ assertSerializedBySer(Year.of(2012), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(Year.class); + } + }
--- a/test/java/time/tck/java/time/serial/TCKZoneOffsetSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKZoneOffsetSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -114,5 +114,9 @@ assertSerializedBySer(ZoneOffset.ofTotalSeconds(53265), bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(ZoneOffset.class); + } }
--- a/test/java/time/tck/java/time/serial/TCKZonedDateTimeSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/serial/TCKZonedDateTimeSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -139,4 +139,9 @@ assertSerializedBySer(zdt, bytes); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(ZonedDateTime.class); + } + }
--- a/test/java/time/tck/java/time/temporal/serial/TCKValueRangeSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/temporal/serial/TCKValueRangeSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -60,11 +60,16 @@ package tck.java.time.temporal.serial; import static org.testng.Assert.assertEquals; +import static org.testng.Assert.fail; +import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.io.ObjectOutputStream; import java.time.temporal.ValueRange; +import java.util.Arrays; import org.testng.annotations.Test; @@ -117,4 +122,57 @@ } } + @Test + public void test_invalid_serialform() throws Exception { + byte[] template = { + (byte)172, (byte)237, 0, 5, 115, 114, 0, 29, 106, 97, /* \u00ac \u00ed \u0000 \u0005 s r \u0000 \u001d j a */ + 118, 97, 46, 116, 105, 109, 101, 46, 116, 101, /* v a . t i m e . t e */ + 109, 112, 111, 114, 97, 108, 46, 86, 97, 108, /* m p o r a l . V a l */ + 117, 101, 82, 97, 110, 103, 101, (byte)154, 113, (byte)169, /* u e R a n g e \u009a q \u00a9 */ + 86, (byte)242, (byte)205, 90, (byte)184, 2, 0, 4, 74, 0, /* V \u00f2 \u00cd Z \u00b8 \u0002 \u0000 \u0004 J \u0000 */ + 10, 109, 97, 120, 76, 97, 114, 103, 101, 115, /* m a x L a r g e s */ + 116, 74, 0, 11, 109, 97, 120, 83, 109, 97, /* t J \u0000 \u000b m a x S m a */ + 108, 108, 101, 115, 116, 74, 0, 10, 109, 105,/* l l e s t J \u0000 m i */ + 110, 76, 97, 114, 103, 101, 115, 116, 74, 0, /* n L a r g e s t J \u0000 */ + 11, 109, 105, 110, 83, 109, 97, 108, 108, 101, /* \u000b m i n S m a l l e */ + 115, 116, 120, 112, 0, 0, 0, 0, 0, 0, /* s t x p \u0000 \u0000 \u0000 \u0000 \u0000 \u0000 */ + 0, 40, 0, 0, 0, 0, 0, 0, 0, 30, /* \u0000 ( \u0000 \u0000 \u0000 \u0000 \u0000 \u0000 \u0000 \u001e */ + 0, 0, 0, 0, 0, 0, 0, 20, 0, 0, /* \u0000 \u0000 \u0000 \u0000 \u0000 \u0000 \u0000 \u0014 \u0000 \u0000 */ + 0, 0, 0, 0, 0, 10, /* \u0000 \u0000 \u0000 \u0000 \u0000 */ + }; + + // minSmallest > minLargest, insert invalid values and deserialize + byte[] bad1 = {0, 0, 0, 2, 0, 0, 0, 1, 0, 0, 0, 3, 0, 0, 0, 4}; + byte[] val = Arrays.copyOf(template, template.length); + System.arraycopy(bad1, 0, val, 114, bad1.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid minSmallest > minLargest " + ValueRange.class.getName()); + } catch (InvalidObjectException ioe) { + // Expected exception + } + + // maxSmallest > maxLargest, insert invalid values and deserialize + byte[] bad2 = {0, 0, 0, 1, 0, 0, 0, 2, 0, 0, 0, 4, 0, 0, 0, 3}; + val = Arrays.copyOf(template, template.length); + System.arraycopy(bad1, 0, val, 114, bad2.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid maxSmallest > maxLargest " + ValueRange.class.getName()); + } catch (InvalidObjectException ioe) { + // Expected exception + } + + // minLagest > maxLargest, insert invalid values and deserialize + byte[] bad3 = {0, 0, 0, 1, 0, 0, 0, 5, 0, 0, 0, 3, 0, 0, 0, 4}; + val = Arrays.copyOf(template, template.length); + System.arraycopy(bad1, 0, val, 114, bad3.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid minLagest > maxLargest " + ValueRange.class.getName()); + } catch (InvalidObjectException ioe) { + // Expected exception + } + } + }
--- a/test/java/time/tck/java/time/temporal/serial/TCKWeekFieldsSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/temporal/serial/TCKWeekFieldsSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -56,13 +56,21 @@ */ package tck.java.time.temporal.serial; +import static org.testng.Assert.assertEquals; +import static org.testng.Assert.fail; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; import org.testng.annotations.DataProvider; import org.testng.annotations.Test; import tck.java.time.AbstractTCKTest; import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; import java.time.DayOfWeek; import java.time.temporal.WeekFields; +import java.util.Arrays; /** * Test serialization of WeekFields. @@ -90,5 +98,58 @@ return objects; } + @Test + public void test_invalid_serialform() throws Exception { + WeekFields wf = WeekFields.of(DayOfWeek.MONDAY, 7); + ByteArrayOutputStream baos = new ByteArrayOutputStream(64); + ObjectOutputStream out = new ObjectOutputStream(baos); + out.writeObject(wf); + byte[] template = baos.toByteArray(); + + // (minimalDays = 5) { + byte[] good1 = {0, 0, 0, 5}; + byte[] val = Arrays.copyOf(template, template.length); + System.arraycopy(good1, 0, val, 105, good1.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + Object o = in.readObject(); + assertEquals(o, WeekFields.of(DayOfWeek.MONDAY, 5), "Should be MONDAY, min = 5"); + } catch (Exception ioe) { + fail("Unexpected exception " + ioe); + } + + // (minimalDays < 1) { + byte[] bad1 = {0, 0, 0, 0}; + val = Arrays.copyOf(template, template.length); + System.arraycopy(bad1, 0, val, 105, bad1.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid minimalDays < 1 " + WeekFields.class.getName()); + } catch (Exception ioe) { + // Expected exception + } + + // (minimalDays > 7) { + byte[] bad2 = {0, 0, 0, 8}; + val = Arrays.copyOf(template, template.length); + System.arraycopy(bad2, 0, val, 105, bad2.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid minimalDays > 7 " + WeekFields.class.getName()); + } catch (Exception ioe) { + // Expected exception + } + + // (StartDay = null) { + byte[] bad3 = {0x70}; + val = Arrays.copyOf(template, 110); + System.arraycopy(bad3, 0, val, 105 + 4, bad3.length); + try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(val))) { + in.readObject(); + fail("Invalid startDay == null " + WeekFields.class.getName()); + } catch (Exception ioe) { + // Expected exception + } + + } }
--- a/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionRuleSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionRuleSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -133,4 +133,9 @@ assertSerializable(test); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(ZoneOffsetTransitionRule.class); + } + }
--- a/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/zone/serial/TCKZoneOffsetTransitionSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -110,4 +110,9 @@ assertSerializable(test); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(ZoneOffsetTransition.class); + } + }
--- a/test/java/time/tck/java/time/zone/serial/TCKZoneRulesSerialization.java Fri Dec 20 09:56:04 2013 -0800 +++ b/test/java/time/tck/java/time/zone/serial/TCKZoneRulesSerialization.java Fri Dec 20 13:06:23 2013 -0500 @@ -70,11 +70,13 @@ import static org.testng.Assert.assertEquals; +import tck.java.time.AbstractTCKTest; + /** * Test serialization of ZoneRules. */ @Test -public class TCKZoneRulesSerialization { +public class TCKZoneRulesSerialization extends AbstractTCKTest{ public void test_serialization_loaded() throws Exception { assertSerialization(europeLondon()); @@ -118,5 +120,9 @@ return ZoneId.of("America/New_York").getRules(); } + @Test + public void test_invalid_serialform() throws Exception { + assertNotSerializable(ZoneRules.class); + } }