Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Rejected
    • Affects Version/s: 1.4.3.Final
    • Fix Version/s: None
    • Component/s: JBoss Serialization
    • Labels:
      None
    • Steps to Reproduce:
      Hide

      See attached.

      Show
      See attached.
    • Workaround:
      Workaround Exists
    • Workaround Description:
      Hide
      • Change the alphabetical ordering of the fields so that the members that will be referenced come before the member containing the reference
      • Make the member containing the reference transient and use a writeObject/readObject pair to ensure that it is always written last
      • Mark the serializable object as Externalizable and read/write the member containing the reference last
      Show
      Change the alphabetical ordering of the fields so that the members that will be referenced come before the member containing the reference Make the member containing the reference transient and use a writeObject/readObject pair to ensure that it is always written last Mark the serializable object as Externalizable and read/write the member containing the reference last

      Description

      When an object being deserialized contains a self-reference (nested arbitrarily deep), the nested reference is returned as a ref to the uninitialized object.

      If this reference is used (for example is inside a container that calls equals/hashcode), it can trigger a NullPointerException, access incorrect data, etc since the object's data has not been initialized.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  dmlloyd David Lloyd
                  Reporter:
                  dereed Dennis Reed
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: