On Mon, 31 Jan 2022 20:01:39 GMT, Roger Riggs <rri...@openjdk.org> wrote:
>> During deserialization of a serialized data stream that contains a proxy >> descriptor with non-public interfaces >> `java.io.ObjectInputStream` checks that the interfaces can be loaded from a >> single classloader in `ObjectInputStream.resolveProxyClass`. >> If the interfaces cannot be loaded from a single classloader, an >> `IllegalAccessError` is thrown. >> When `ObjectInputStream.readObject` encounters this case, it reflects an >> incompatibility >> between the classloaders of the source of the serialized stream and the >> classloader being used for deserialization. >> When a proxy object cannot be created from the interfaces, >> `ObjectInputStream.readObject` should catch >> the `InvalidAccessError` and throw `InvalidObjectException` with the >> `InvalidAccessError` as the cause. >> This allows the application to handle the exception consistently with other >> errors during deserialization. > > Roger Riggs has updated the pull request incrementally with one additional > commit since the last revision: > > Review feedback recommends using InvalidClassException LGTM ------------- Marked as reviewed by mchung (Reviewer). PR: https://git.openjdk.java.net/jdk/pull/7274