summaryrefslogtreecommitdiffstats
path: root/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
diff options
context:
space:
mode:
authorNeil Fuller <nfuller@google.com>2014-06-25 17:54:12 +0100
committerPaul Kocialkowski <contact@paulk.fr>2015-08-30 23:04:25 +0200
commit74ebabb6156cd62e8fb877f08caf3c88f357fdcd (patch)
tree019bc345af31fd3e83d6b8978b3849d964c0f8c4 /luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
parentb32087cc78dfd13aac9e6476266cf211b179af2f (diff)
downloadlibcore-74ebabb6156cd62e8fb877f08caf3c88f357fdcd.zip
libcore-74ebabb6156cd62e8fb877f08caf3c88f357fdcd.tar.gz
libcore-74ebabb6156cd62e8fb877f08caf3c88f357fdcd.tar.bz2
Add additional checks in ObjectInputStream
Thanks to Jann Horn for reporting a bug in ObjectInputStream and sending the initial patch. Add some checks that the class of an object being deserialized still conforms to the requirements for serialization. Add some checks that the class being deserialized matches the type information (enum, serializable, externalizable) held in the stream. Delayed static initialization of classes until the type of the class has been validated against the stream content in some cases. Added more tests. Bug: 15874291 (cherry picked from commit 738c833d38d41f8f76eb7e77ab39add82b1ae1e2) Change-Id: I9f5437ed60936882de56589537176466624e631d Signed-off-by: Neil Fuller <nfuller@google.com> Tested-by: Moritz Bandemer <replicant@posteo.mx>
Diffstat (limited to 'luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.1 at 2024-06-08 19:41:54 +0000