> The ObjectInputStream.GetField method `get(String name, Object val)` should > have been throwing > a ClassNotFoundException if the class was not found. Instead the > implementation was returning null. > A design error does not allow the `get(String name, Object val)` method to > throw CNFE as it should. > However, an exception must be thrown to prevent invalid data from being > returned. > Wrapping the CNFE in IOException allows it to be thrown and the exception > handled. > The call to `get(String name, Object val)` is always from within a > `readObject` method > so the deserialization logic can catch the IOException and unwrap it to > handle the CNFE.
Roger Riggs has updated the pull request incrementally with one additional commit since the last revision: Correct comment on the handling of ClassNotFoundException ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/6053/files - new: https://git.openjdk.java.net/jdk/pull/6053/files/bc467cab..438548e9 Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=6053&range=01 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=6053&range=00-01 Stats: 2 lines in 1 file changed: 1 ins; 0 del; 1 mod Patch: https://git.openjdk.java.net/jdk/pull/6053.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/6053/head:pull/6053 PR: https://git.openjdk.java.net/jdk/pull/6053
