[
https://issues.apache.org/jira/browse/DIRMINA-822?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13006422#comment-13006422
]
Ulrich Kreher commented on DIRMINA-822:
---------------------------------------
You are right, Mina 1.1.7 uses the same construction. I have to confess that we
patched this class quite some time ago by using ObjectInputStream and
ObjectOutputStream directly. For us this works so good, that we forgot about
the patch. I will try this with Mina 2 now and report any problem. However,
this might not be the final solution.
> Deserialising classes that do not implement Serializable fails
> --------------------------------------------------------------
>
> Key: DIRMINA-822
> URL: https://issues.apache.org/jira/browse/DIRMINA-822
> Project: MINA
> Issue Type: Bug
> Components: Core
> Affects Versions: 2.0.2
> Reporter: Ulrich Kreher
>
> AbstractIoBuffer uses ObjectStreamClass.lookup(Class) which returns null for
> classes that do not implement Serializable. This in turn leads to a
> NullPointerException a few lines below in resolveClass(ObjectStreamClass)
> where the ObjectStreamClass-parameter is null.
> Deserialising a non-serialisable class is completely legal, instances of such
> a class will already fail to serialise so they will never get to
> deserialisation.
> Using ObjectStreamClass.lookupAny(Class) will solve this issue, but it is not
> available before Java 6.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
